Uploaded image for project: 'Jira Align'
  1. Jira Align
  2. JIRAALIGN-1586

[JIRAALIGN-1586] API 2.0 : Endpoints are returning HTTP 400 BAD REQUEST

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Highest Highest
    • 10.79
    • 10.70, 10.71, 10.72, 10.73, 10.74, 10.75
    • REST API
    • 8
    • Severity 2 - Major
    • Batman! - TART5, Breakers - TART2

      Issue Summary

      API 2.0 endpoints are mistakenly returning the error message below when using a non-Super Admin user:

      HTTP 400 BAD REQUEST 

      Steps to Reproduce

      1. By using a valid non-Super Admin token, make the following API v2 GET call (examples below):
        1. /rest/align/api/2/Themes
        2. /rest/align/api/2/Epics
        3. /rest/align/api/2/Capabilities
        4. /rest/align/api/2/Features

      Expected Results

      • Notice authentication works
      • Notice status code HTTP 200 OK then work items are returned

      Actual Results

      • Notice no mention to authentication errors – assuming it worked due to previous results plus the lack of 401 error code.
      • Notice HTTP 400 BAD REQUEST and variations of it.
      • Splunk log:
      { [-]
        Level: Error
         MessageTemplate: Cannot find epics. Value cannot be null. (Parameter 'source')
         Properties: { [-]
           ActionId: 9ab9cbfb-1a44-445e-8ab9-d54703a57942
           ActionName: AgileCraft.Api.Controllers.EpicsController.Get (AgileCraft.Api)
           Build: 10.73.0.6051
           ParentId:
           Product: AgileCraft.Api
           RequestId: 8000d662-0000-d100-b63f-84710c7967bb
           RequestPath: /rest/align/api/2/Epics
           SourceContext: AgileCraft.Api.Controllers.EpicsController
           SpanId: |ebb1bc55-4f23ce828eaf354f.
           TraceId: ebb1bc55-4f23ce828eaf354f
         }
         RenderedMessage: Cannot find epics. Value cannot be null. (Parameter 'source')
         Timestamp: 2020-06-22T12:21:16.7043897-04:00
      }
      

      Workaround

      Set the role of the API user (user the token is associated with) to Super Admin and results will return as expected.

        1. 200 OK” with no data for Non-Super Admin user.jpg
          13 kB
          Peggy Graham
        2. summary of test results.png
          275 kB
          Peggy Graham
        3. Super Admin user - data is returned.jpg
          25 kB
          Peggy Graham

              kforeman@atlassian.com Kyle Foreman
              rcortez@atlassian.com Rodrigo Cortez
              Votes:
              4 Vote for this issue
              Watchers:
              16 Start watching this issue

                Created:
                Updated:
                Resolved: