Getting 401 when creating Crucible Review from REST API

I'm trying to create review from Fiddler composer:

POST http://crucible.dev/rest-service/reviews-v1?FEAUTH=crucible:66:98ed811f41548484bb1f83503c287664 HTTP/1.1
User-Agent: Fiddler
Host: crucible.dev
Content-Length: 393
Content-Type: application/json

{
  "reviewData" : {
    "projectKey" : "CR",
    "name" : "R1234",
    "description" : "Review R1234",
    "author" : {
      "userName" : "someUser"
    },
    "moderator" : {
      "userName" : "someUser"
    },
    "creator" : {
      "userName" : "someUser"
    },
    "state" : "Review",
    "type" : "REVIEW",
    "allowReviewersToJoin" : true
  }  
}

But it returns 401 (see response below). The user "crucible" exists and is admin. Creating review from web UI under this user is ok. The request of all reviews (GET http://crucible.dev/rest-service/reviews-v1?FEAUTH=crucible:66:98ed811f41548484bb1f83503c287664) returns 200 OK and contains all reviews. 

So is create review request correct? Maybe it should use some other auth?

HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Length: 24263
Content-Type: application/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Microsoft-IIS/8.5
Set-Cookie: remember=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT;HttpOnly
WWW-Authenticate: OAuth realm="http%3A%2F%2Fcrucible.dev"
WWW-Authenticate: OAuth realm="http%3A%2F%2Fcrucible.dev"
X-UA-Compatible: IE=Edge
X-AUSERNAME: crucible
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Date: Thu, 25 May 2017 14:24:37 GMT

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><code>Authorization</code><message>Crucible unauthorised action.</message><stacktrace>com.atlassian.crucible.spi.services.AuthorizationException: Crucible unauthorised action.
	at com.cenqua.crucible.model.managers.impl.DefaultReviewManager.changeState(DefaultReviewManager.java:1000)
	....
at java.lang.Thread.run(Thread.java:679) </stacktrace></error>

 

1 answer

1 accepted

0 votes
Accepted answer

After some expirements I've found out that "creator" should be same as authenticated user.

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted yesterday in Featured Groups

Want to know how Atlassians monitor their enterprise deployments?

At Atlassian, we believe in our own products – that's why we use them, even at the enterprise level. Doing so gives us first-hand experience of how they perform at scale; to do this, we monitor each ...

67 views 2 7
View post

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you