[ckan-dev] Datastore & filestore via API
Sean Hammond
sean.hammond at okfn.org
Mon Aug 13 14:04:16 UTC 2012
> This is the logged error when I try to post a file to the filestore with
> ckan.add_package_resource
> (it creates the resource and its metadata, but the file isn't loaded
> anywhere):
>
> 2012-08-08 15:52:35,186 DEBUG [pylons.controllers.core] Looking for
> u'upload_handle' method to handle the request
> 2012-08-08 15:52:35,187 DEBUG [pylons.controllers.core] Calling
> 'upload_handle' method with keyword args: **{}
> 2012-08-08 15:52:35,194 DEBUG [pylons.controllers.util] Aborting
> request, status: 401, detail: '', headers: None, comment: None
> 2012-08-08 15:52:35,194 DEBUG [pylons.controllers.core] 'upload_handle'
> method raised HTTPException: HTTPUnauthorized (code: 401)
> Traceback (most recent call last):
> File
> "/home/ckan/pyenv/local/lib/python2.7/site-packages/pylons/controllers/core.py",
> line 107, in _inspect_call
> result = self._perform_call(func, args)
> File
> "/home/ckan/pyenv/local/lib/python2.7/site-packages/pylons/controllers/core.py",
> line 60, in _perform_call
> return func(**args)
> File "/home/ckan/pyenv/src/ckan/ckan/controllers/storage.py", line
> 133, in upload_handle
> authorize('POST', BUCKET, label, c.userobj, self.ofs)
> File "/home/ckan/pyenv/src/ckan/ckan/controllers/storage.py", line
> 99, in authorize
> abort(401)
> File "/home/ckan/pyenv/src/ckan/ckan/lib/base.py", line 48, in abort
> comment=comment)
> File
> "/home/ckan/pyenv/local/lib/python2.7/site-packages/pylons/controllers/util.py",
> line 196, in abort
> raise exc.exception
> HTTPUnauthorized: This server could not verify that you are authorized
> to access the document you requested. Either you supplied the wrong
> credentials (e.g., bad password), or your browser does not understand
> how to supply the credentials required.
I'm having a different problem with uploading files using ckanclient, so
I can't test things, but here's a guess:
This looks like the user whose API key you're supplying is not
authorized to upload files to the dataset you're trying to upload to.
If you do `paster roles` in the terminal, it'll print out a list of
roles and a list or rights for each role, like this:
editor read-site, read-user, create-user, edit,
create-package, create-group, create-authorization-group, read, file-upload
anon_editor edit, create-package, create-user, read-user,
read-site, read, file-upload
reader read-site, read-user, create-user, read
As you can see in my example, the editor and anon_editor have the
file-upload right.
Now if you do `paster rights` it'll print all the roles that each user
has for each object. The logged_in user is a user whose rights apply to
anyone who is logged in (or supplies an API key with their API post):
paster rights | grep logged_in
User logged_in -> is editor on -> Package my-dataset
User logged_in -> is editor on -> Package warandpeace
User logged_in -> is reader on -> Group david
User logged_in -> is editor on -> System system
User logged_in -> is reader on -> Group roger
User logged_in -> is editor on -> Package annakarenina
In my case, since the logged_in user has the editor role for my-dataset,
warandpeace and annakarenina, and the editor role includes the
file-upload right, any logged in user should be authorized to upload
files to those datasets.
I can also do:
paster rights | grep seanh
to see what specific rights my user account has.
You can find the documentation for all this rights and roles stuff here:
http://docs.ckan.org/en/ckan-1.7.1/authorization.html
More information about the ckan-dev
mailing list