Apicurio-studio: Environment Var "APICURIO_SHARE_FOR_EVERYONE" doesn't work good enough

Created on 20 Sep 2019 · 3Comments · Source: Apicurio/apicurio-studio

Hi!
I was trying the environment var APICURIO_SHARE_FOR_EVERYONE.
I can see and edit API's from other users, but it's not working to see "Collaborators" or "Mocks".

Searching the cause, i found that the service "getMocks" doesn't check the property "isShareForEveryone()" and return a 404 HTTP Error Satus, becouse the user don't have permisions. Same for the "collaborators" section.

ApicurioError

https://github.com/Apicurio/apicurio-studio/blob/master/front-end/studio/src/app/services/apis.service.ts

this.endpoint("/designs/:designId/mocks",

```

public getMocks(apiId: string, from?: number, to?: number): Promise console.info("[ApisService] Getting all mocks for API %s", apiId);

    let getMocksUrl: string = this.endpoint("/designs/:designId/mocks", {
        designId: apiId
    }, {
        start: from,
        end: to
    });

    let options: any = this.options({ "Accept": "application/json" });

    console.info("[ApisService] Fetching API mocks: %s", getMocksUrl);
    return this.httpGet<ApiMock[]>(getMocksUrl, options);
}


> this.endpoint("/designs/:designId/collaborators",

public getCollaborators(apiId: string): Promise console.info("[ApisService] Getting collaborators for API Design %s", apiId);

    let getCollaboratorsUrl: string = this.endpoint("/designs/:designId/collaborators", {
        designId: apiId
    });
    let options: any = this.options({ "Accept": "application/json" });

    console.info("[ApisService] Fetching collaborator list: %s", getCollaboratorsUrl);
    return this.httpGet<ApiCollaborator[]>(getCollaboratorsUrl, options);
}


**https://github.com/Apicurio/apicurio-studio/blob/master/back-end/hub-api/src/main/java/io/apicurio/hub/api/rest/impl/DesignsResource.java**

> !this.storage.hasWritePermission

@Override
public Collection getMocks(String designId, Integer start, Integer end)
throws ServerError, NotFoundException {
int from = 0;
int to = 20;
if (start != null) {
from = start.intValue();
}
if (end != null) {
to = end.intValue();
}

    try {
        String user = this.security.getCurrentUser().getLogin();
        if (!this.storage.hasWritePermission(user, designId)) {
            throw new NotFoundException();
        }
        return this.storage.listApiDesignMocks(designId, from, to);
    } catch (StorageException e) {
        throw new ServerError(e);
    }
}

@Override
public Collection getCollaborators(String designId) throws ServerError, NotFoundException {
logger.debug("Retrieving all collaborators for API: {}", designId);
metrics.apiCall("/designs/{designId}/collaborators", "GET");

    try {
        String user = this.security.getCurrentUser().getLogin();
        if (!this.storage.hasWritePermission(user, designId)) {
            throw new NotFoundException();
        }
        return this.storage.listPermissions(designId);
    } catch (StorageException e) {
        throw new ServerError(e);
    }
}

```

bug

Source

AguRyan

Most helpful comment

Hi! Thanks for your comment, looking for the bug, I just find out that we were using an old version . 0.2.27.
Sorry about that.
I'll update the App.
You can dismiss the error.

Thanks.

AguRyan on 11 Oct 2019

👍2

All 3 comments

Thanks for the bug report.

EricWittmann on 24 Sep 2019

@AguRyan At the latest release, I find out that inside hasWritePermission() function, isShareForEveryone() is checked :

https://github.com/Apicurio/apicurio-studio/blob/v0.2.43.Final/back-end/hub-core/src/main/java/io/apicurio/hub/core/storage/jdbc/JdbcStorage.java#L275

Do you have any other idea about what is the cause of this problem?

turutosiya on 11 Oct 2019

Hi! Thanks for your comment, looking for the bug, I just find out that we were using an old version . 0.2.27.
Sorry about that.
I'll update the App.
You can dismiss the error.

Thanks.

AguRyan on 11 Oct 2019

👍2

Was this page helpful?

0 / 5 - 0 ratings