Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

USS GET directory listing which user in not authorised returns 500 RC instead of 403 #77

Closed
lauren-li opened this issue Mar 18, 2019 · 1 comment

Comments

@lauren-li
Copy link

commented Mar 18, 2019

Describe the bug
In the Zowe 0.9.4 API, a 403 (Forbidden) error was returned if the user requested to view contents a USS folder they did not have permission to view. In Zowe 1.0.1, the new API returns a 500 error.

To Reproduce
Steps to reproduce the behavior:

  1. Go to the Swagger UI for Zowe 1.0.1 (e.g. https://tvt4119.svl.ibm.com:8547/swagger-ui.html#/).
  2. Expand 'Unix Files APIs'.
  3. Expand 'GET /api/v1/unixfiles' and click "Try it out".
  4. In the input field for path, enter the path to a folder your user does not have permission to (e.g. /u/zoweph or /u/zowebjs).
  5. See a 500 error returned.

Expected behavior
When the user requests to view contents of a USS folder they do not have permission to, return a 403 (Forbidden) error.

Screenshots
Screenshot of 500 error:
Screen Shot 2019-03-18 at 11 38 15 AM

Desktop (please complete the following information):

  • OS: Mac
  • Browser: All
  • Version [e.g. 22]: N/A

Additional context
Add any other context about the problem here.

@lauren-li lauren-li added the bug label Mar 18, 2019

@jordanCain

This comment has been minimized.

Copy link
Contributor

commented Mar 18, 2019

This should be fixed by #66 which should be in 1.0.2

@jordanCain jordanCain added the review label Mar 21, 2019

@jordanCain jordanCain self-assigned this Mar 21, 2019

@jordanCain jordanCain changed the title USS 403 Permission Denied error changed to 500 USS GET directory listing which user in not authorised returns 500 RC instead of 403 Mar 21, 2019

@jordanCain jordanCain closed this May 8, 2019

@ghost ghost removed the review label May 8, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.