[ckan-discuss] Delete packages with api - 403 error

Adrià Mercader adria.mercader at okfn.org
Wed Jun 5 09:55:51 BST 2013


Hi,

The main issue here is that John was creating a package without any
organization defined.

Currently the authorization check for package_delete will return false
for any package that does not belong to an organization [1], while the
one for package_update does further checks [2].

I'm not that familiar with the nuances of the new auth, so not sure if
that is so by design or could be improved.

@Toby, any thougths?

[1] https://github.com/okfn/ckan/blob/master/ckan/logic/auth/delete.py#L7
[2] https://github.com/okfn/ckan/blob/master/ckan/logic/auth/update.py#L14



>> A little off-topic but- Is the V3 package_delete action the same as
>> setting "state" to "deleted" as in the V2 API? Or is it like the "paster
>> dataset purge" command?
Yes, it also just sets state to delete.



Adrià


>> --
>> - Joshua Tauberer
>> - http://razor.occams.info
>>
>>
>>
>> On 06/04/2013 08:54 AM, John Mrziglod wrote:
>> > Hi Hendrik,
>> >
>> > Thank you very much for your answer!
>> >
>> > I changed it to 'api/3/' but the same error have occured. I thought the documentation says that CKAN chooses the last version of API automatically (http://docs.ckan.org/en/ckan-2.0/api.html#api-versions).
>> >
>> > Nevertheless my problem hasn't changed =(
>> >
>> > Maybe is there any problem with creating packages without an organization in CKAN2.0 ?
>> > Or how can I add packages to an organization with API 3?
>> >
>> > John
>> >
>> >
>> >> Gesendet: Donnerstag, 30. Mai 2013 um 10:11 Uhr
>> >> Von: "Hendrik Bunke" <bunke.hendrik at gmail.com>
>> >> An: "John Mrziglod" <mrzo at gmx.de>
>> >> Betreff: Re: [ckan-discuss] Delete packages with api - 403 error
>> >>
>> >> Hi,
>> >>
>> >> it might be just a typo and not helpful anyway. But as far as I
>> >> know with "api_url = "http://{host}/api/action..." you're calling
>> >> API version #1.  You'll need to specify version 3 explicitly
>> >> (host/api/3/...).
>> >>
>> >> But anyway, package deletion works fine here even with API #1.
>> >> You might have a look at ckanclient
>> >> (https://github.com/okfn/ckanclient). It uses API #1.
>> >>
>> >> regards
>> >> hendrik
>> >>
>> >>
>> >>
>> >> --On 2013-05-29 16:53, John Mrziglod wrote:
>> >>> Hi Sean Hammond,
>> >>>
>> >>> I consider your warning that API 1 is deprecated so i write a short program with API 3 (i used the example from http://docs.ckan.org/en/ckan-2.0/api.html):
>> >>>
>> >>> #!/usr/bin/env python
>> >>> import urllib2
>> >>> import urllib
>> >>> import json
>> >>> import pprint
>> >>>
>> >>> def call_action (url,api_key,data_string):
>> >>>
>> >>>      # Make the HTTP request.
>> >>>      request = urllib2.Request(url)
>> >>>      request.add_header('Authorization', api_key)
>> >>>      response = urllib2.urlopen(request,data_string)
>> >>>      assert response.code == 200
>> >>>
>> >>>      # Use the json module to load CKAN's response into a dictionary.
>> >>>      response_dict = json.loads(response.read())
>> >>>
>> >>>      # Check the contents of the response.
>> >>>      assert response_dict['success'] is True
>> >>>      result = response_dict['result']
>> >>>      pprint.pprint(result)
>> >>>
>> >>>
>> >>> ip_host = 'xxxHostNamexxx.org'
>> >>> api_key = 'xxx'
>> >>> api_url = "http://{host}/api/action".format(host=ip_host)
>> >>>
>> >>> # Use the json module to dump a dictionary to a string for posting.
>> >>> dataset_name    = 'data-explorer6'
>> >>> data_string = urllib.quote(json.dumps({
>> >>>      'name': dataset_name,
>> >>>      'extras':[
>> >>>          {'key':'Sprache','value':'Englisch'},
>> >>>          {'key':'2. Sprache','value':'Deutsch'}
>> >>> ]}))
>> >>>
>> >>>
>> >>> ## Create the package:
>> >>> print '# create the package:'
>> >>> call_action(api_url+'/package_create',api_key,data_string)
>> >>>
>> >>> ## delete the package:
>> >>> print '\n# delete the package:'
>> >>> call_action(api_url+'/package_delete',api_key,urllib.quote(json.dumps({'id': dataset_name})))
>> >>>
>> >>>
>> >>> ------------------------------------------------------------
>> >>> Unfortunately the same problem and error message occured.
>> >>> Here is my output and the error message:
>> >>>
>> >>> # create the package:
>> >>> {u'author': None,
>> >>>   u'author_email': None,
>> >>>   u'extras': [{u'__extras': {u'package_id': u'f591cba3-0ed5-4ac5-a19c-9d41edd047f5',
>> >>>                              u'revision_id': u'7e5e45dd-ad47-420e-82df-ca78eb7ca8ea'},
>> >>>                u'key': u'2. Sprache',
>> >>>                u'value': u'Deutsch'},
>> >>>               {u'__extras': {u'package_id': u'f591cba3-0ed5-4ac5-a19c-9d41edd047f5',
>> >>>                              u'revision_id': u'7e5e45dd-ad47-420e-82df-ca78eb7ca8ea'},
>> >>>                u'key': u'Sprache',
>> >>>                u'value': u'Englisch'}],
>> >>>   u'groups': [],
>> >>>   u'id': u'f591cba3-0ed5-4ac5-a19c-9d41edd047f5',
>> >>>   u'isopen': False,
>> >>>   u'license_id': None,
>> >>>   u'license_title': None,
>> >>>   u'maintainer': None,
>> >>>   u'maintainer_email': None,
>> >>>   u'metadata_created': u'2013-05-29T14:35:39.499009',
>> >>>   u'metadata_modified': u'2013-05-29T14:35:39.499009',
>> >>>   u'name': u'data-explorer5',
>> >>>   u'notes': None,
>> >>>   u'num_resources': 0,
>> >>>   u'num_tags': 0,
>> >>>   u'organization': None,
>> >>>   u'owner_org': None,
>> >>>   u'private': False,
>> >>>   u'relationships_as_object': [],
>> >>>   u'relationships_as_subject': [],
>> >>>   u'resources': [],
>> >>>   u'revision_id': u'7e5e45dd-ad47-420e-82df-ca78eb7ca8ea',
>> >>>   u'revision_timestamp': u'2013-05-29T14:35:39.499009',
>> >>>   u'state': u'active',
>> >>>   u'tags': [],
>> >>>   u'title': u'data-explorer5',
>> >>>   u'tracking_summary': {u'recent': 0, u'total': 0},
>> >>>   u'type': u'dataset',
>> >>>   u'url': None,
>> >>>   u'version': None}
>> >>>
>> >>> # delete the package:
>> >>> Traceback (most recent call last):
>> >>>    File "ckan_minimal.py", line 42, in <module>
>> >>>      call_action(api_url+'/package_delete',api_key,urllib.quote(json.dumps({'id': dataset_name})))
>> >>>    File "ckan_minimal.py", line 12, in call_action
>> >>>      response = urllib2.urlopen(request,data_string)
>> >>>    File "/usr/lib/python2.6/urllib2.py", line 126, in urlopen
>> >>>      return _opener.open(url, data, timeout)
>> >>>    File "/usr/lib/python2.6/urllib2.py", line 397, in open
>> >>>      response = meth(req, response)
>> >>>    File "/usr/lib/python2.6/urllib2.py", line 510, in http_response
>> >>>      'http', request, response, code, msg, hdrs)
>> >>>    File "/usr/lib/python2.6/urllib2.py", line 435, in error
>> >>>      return self._call_chain(*args)
>> >>>    File "/usr/lib/python2.6/urllib2.py", line 369, in _call_chain
>> >>>      result = func(*args)
>> >>>    File "/usr/lib/python2.6/urllib2.py", line 518, in http_error_default
>> >>>      raise HTTPError(req.get_full_url(), code, msg, hdrs, fp)
>> >>> urllib2.HTTPError: HTTP Error 403: Forbidden
>> >>>
>> >>> _______________________________________________
>> >>> ckan-discuss mailing list
>> >>> ckan-discuss at lists.okfn.org
>> >>> http://lists.okfn.org/mailman/listinfo/ckan-discuss
>> >>> Unsubscribe: http://lists.okfn.org/mailman/options/ckan-discuss
>> >> --
>> >> Dr. Hendrik Bunke
>> >> http://gplus.to/hbunke
>> >> http://twitter.com/hbunke
>> >> http://www.hbxt.org
>> >>
>> > _______________________________________________
>> > ckan-discuss mailing list
>> > ckan-discuss at lists.okfn.org
>> > http://lists.okfn.org/mailman/listinfo/ckan-discuss
>> > Unsubscribe: http://lists.okfn.org/mailman/options/ckan-discuss
>>
>>
>
> _______________________________________________
> ckan-discuss mailing list
> ckan-discuss at lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/ckan-discuss
> Unsubscribe: http://lists.okfn.org/mailman/options/ckan-discuss



More information about the ckan-discuss mailing list