[ckan-discuss] Delete packages with api - 403 error
Toby Dacre
toby.okfn at gmail.com
Wed Jun 5 11:21:07 BST 2013
On 5 June 2013 09:55, Adrià Mercader <adria.mercader at okfn.org> wrote:
> Hi,
>
> The main issue here is that John was creating a package without any
> organization defined.
>
> Currently the authorization check for package_delete will return false
> for any package that does not belong to an organization [1], while the
> one for package_update does further checks [2].
>
> I'm not that familiar with the nuances of the new auth, so not sure if
> that is so by design or could be improved.
>
> @Toby, any thougths?
There has been some discussions on this I think on github. The
initial spec for the orgs based auth has some undefined areas and also
with the number of config options some confused areas remain. I think
part of the problem is that anyone could end up deleting a dataset.
The fact that they can edit it seems slightly confused too. Making an
issue to address this may be an idea but we also should review the
auth now that it has settled in to keep it consistent.
For now a SysAdmin should be able to delete them
>
> [1] https://github.com/okfn/ckan/blob/master/ckan/logic/auth/delete.py#L7
> [2] https://github.com/okfn/ckan/blob/master/ckan/logic/auth/update.py#L14
>
>
>
>>> A little off-topic but- Is the V3 package_delete action the same as
>>> setting "state" to "deleted" as in the V2 API? Or is it like the "paster
>>> dataset purge" command?
> Yes, it also just sets state to delete.
>
>
>
> Adrià
>
>
>>> --
>>> - Joshua Tauberer
>>> - http://razor.occams.info
>>>
>>>
>>>
>>> On 06/04/2013 08:54 AM, John Mrziglod wrote:
>>> > Hi Hendrik,
>>> >
>>> > Thank you very much for your answer!
>>> >
>>> > I changed it to 'api/3/' but the same error have occured. I thought the documentation says that CKAN chooses the last version of API automatically (http://docs.ckan.org/en/ckan-2.0/api.html#api-versions).
>>> >
>>> > Nevertheless my problem hasn't changed =(
>>> >
>>> > Maybe is there any problem with creating packages without an organization in CKAN2.0 ?
>>> > Or how can I add packages to an organization with API 3?
>>> >
>>> > John
>>> >
>>> >
>>> >> Gesendet: Donnerstag, 30. Mai 2013 um 10:11 Uhr
>>> >> Von: "Hendrik Bunke" <bunke.hendrik at gmail.com>
>>> >> An: "John Mrziglod" <mrzo at gmx.de>
>>> >> Betreff: Re: [ckan-discuss] Delete packages with api - 403 error
>>> >>
>>> >> Hi,
>>> >>
>>> >> it might be just a typo and not helpful anyway. But as far as I
>>> >> know with "api_url = "http://{host}/api/action..." you're calling
>>> >> API version #1. You'll need to specify version 3 explicitly
>>> >> (host/api/3/...).
>>> >>
>>> >> But anyway, package deletion works fine here even with API #1.
>>> >> You might have a look at ckanclient
>>> >> (https://github.com/okfn/ckanclient). It uses API #1.
>>> >>
>>> >> regards
>>> >> hendrik
>>> >>
>>> >>
>>> >>
>>> >> --On 2013-05-29 16:53, John Mrziglod wrote:
>>> >>> Hi Sean Hammond,
>>> >>>
>>> >>> I consider your warning that API 1 is deprecated so i write a short program with API 3 (i used the example from http://docs.ckan.org/en/ckan-2.0/api.html):
>>> >>>
>>> >>> #!/usr/bin/env python
>>> >>> import urllib2
>>> >>> import urllib
>>> >>> import json
>>> >>> import pprint
>>> >>>
>>> >>> def call_action (url,api_key,data_string):
>>> >>>
>>> >>> # Make the HTTP request.
>>> >>> request = urllib2.Request(url)
>>> >>> request.add_header('Authorization', api_key)
>>> >>> response = urllib2.urlopen(request,data_string)
>>> >>> assert response.code == 200
>>> >>>
>>> >>> # Use the json module to load CKAN's response into a dictionary.
>>> >>> response_dict = json.loads(response.read())
>>> >>>
>>> >>> # Check the contents of the response.
>>> >>> assert response_dict['success'] is True
>>> >>> result = response_dict['result']
>>> >>> pprint.pprint(result)
>>> >>>
>>> >>>
>>> >>> ip_host = 'xxxHostNamexxx.org'
>>> >>> api_key = 'xxx'
>>> >>> api_url = "http://{host}/api/action".format(host=ip_host)
>>> >>>
>>> >>> # Use the json module to dump a dictionary to a string for posting.
>>> >>> dataset_name = 'data-explorer6'
>>> >>> data_string = urllib.quote(json.dumps({
>>> >>> 'name': dataset_name,
>>> >>> 'extras':[
>>> >>> {'key':'Sprache','value':'Englisch'},
>>> >>> {'key':'2. Sprache','value':'Deutsch'}
>>> >>> ]}))
>>> >>>
>>> >>>
>>> >>> ## Create the package:
>>> >>> print '# create the package:'
>>> >>> call_action(api_url+'/package_create',api_key,data_string)
>>> >>>
>>> >>> ## delete the package:
>>> >>> print '\n# delete the package:'
>>> >>> call_action(api_url+'/package_delete',api_key,urllib.quote(json.dumps({'id': dataset_name})))
>>> >>>
>>> >>>
>>> >>> ------------------------------------------------------------
>>> >>> Unfortunately the same problem and error message occured.
>>> >>> Here is my output and the error message:
>>> >>>
>>> >>> # create the package:
>>> >>> {u'author': None,
>>> >>> u'author_email': None,
>>> >>> u'extras': [{u'__extras': {u'package_id': u'f591cba3-0ed5-4ac5-a19c-9d41edd047f5',
>>> >>> u'revision_id': u'7e5e45dd-ad47-420e-82df-ca78eb7ca8ea'},
>>> >>> u'key': u'2. Sprache',
>>> >>> u'value': u'Deutsch'},
>>> >>> {u'__extras': {u'package_id': u'f591cba3-0ed5-4ac5-a19c-9d41edd047f5',
>>> >>> u'revision_id': u'7e5e45dd-ad47-420e-82df-ca78eb7ca8ea'},
>>> >>> u'key': u'Sprache',
>>> >>> u'value': u'Englisch'}],
>>> >>> u'groups': [],
>>> >>> u'id': u'f591cba3-0ed5-4ac5-a19c-9d41edd047f5',
>>> >>> u'isopen': False,
>>> >>> u'license_id': None,
>>> >>> u'license_title': None,
>>> >>> u'maintainer': None,
>>> >>> u'maintainer_email': None,
>>> >>> u'metadata_created': u'2013-05-29T14:35:39.499009',
>>> >>> u'metadata_modified': u'2013-05-29T14:35:39.499009',
>>> >>> u'name': u'data-explorer5',
>>> >>> u'notes': None,
>>> >>> u'num_resources': 0,
>>> >>> u'num_tags': 0,
>>> >>> u'organization': None,
>>> >>> u'owner_org': None,
>>> >>> u'private': False,
>>> >>> u'relationships_as_object': [],
>>> >>> u'relationships_as_subject': [],
>>> >>> u'resources': [],
>>> >>> u'revision_id': u'7e5e45dd-ad47-420e-82df-ca78eb7ca8ea',
>>> >>> u'revision_timestamp': u'2013-05-29T14:35:39.499009',
>>> >>> u'state': u'active',
>>> >>> u'tags': [],
>>> >>> u'title': u'data-explorer5',
>>> >>> u'tracking_summary': {u'recent': 0, u'total': 0},
>>> >>> u'type': u'dataset',
>>> >>> u'url': None,
>>> >>> u'version': None}
>>> >>>
>>> >>> # delete the package:
>>> >>> Traceback (most recent call last):
>>> >>> File "ckan_minimal.py", line 42, in <module>
>>> >>> call_action(api_url+'/package_delete',api_key,urllib.quote(json.dumps({'id': dataset_name})))
>>> >>> File "ckan_minimal.py", line 12, in call_action
>>> >>> response = urllib2.urlopen(request,data_string)
>>> >>> File "/usr/lib/python2.6/urllib2.py", line 126, in urlopen
>>> >>> return _opener.open(url, data, timeout)
>>> >>> File "/usr/lib/python2.6/urllib2.py", line 397, in open
>>> >>> response = meth(req, response)
>>> >>> File "/usr/lib/python2.6/urllib2.py", line 510, in http_response
>>> >>> 'http', request, response, code, msg, hdrs)
>>> >>> File "/usr/lib/python2.6/urllib2.py", line 435, in error
>>> >>> return self._call_chain(*args)
>>> >>> File "/usr/lib/python2.6/urllib2.py", line 369, in _call_chain
>>> >>> result = func(*args)
>>> >>> File "/usr/lib/python2.6/urllib2.py", line 518, in http_error_default
>>> >>> raise HTTPError(req.get_full_url(), code, msg, hdrs, fp)
>>> >>> urllib2.HTTPError: HTTP Error 403: Forbidden
>>> >>>
>>> >>> _______________________________________________
>>> >>> ckan-discuss mailing list
>>> >>> ckan-discuss at lists.okfn.org
>>> >>> http://lists.okfn.org/mailman/listinfo/ckan-discuss
>>> >>> Unsubscribe: http://lists.okfn.org/mailman/options/ckan-discuss
>>> >> --
>>> >> Dr. Hendrik Bunke
>>> >> http://gplus.to/hbunke
>>> >> http://twitter.com/hbunke
>>> >> http://www.hbxt.org
>>> >>
>>> > _______________________________________________
>>> > ckan-discuss mailing list
>>> > ckan-discuss at lists.okfn.org
>>> > http://lists.okfn.org/mailman/listinfo/ckan-discuss
>>> > Unsubscribe: http://lists.okfn.org/mailman/options/ckan-discuss
>>>
>>>
>>
>> _______________________________________________
>> ckan-discuss mailing list
>> ckan-discuss at lists.okfn.org
>> http://lists.okfn.org/mailman/listinfo/ckan-discuss
>> Unsubscribe: http://lists.okfn.org/mailman/options/ckan-discuss
>
> _______________________________________________
> ckan-discuss mailing list
> ckan-discuss at lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/ckan-discuss
> Unsubscribe: http://lists.okfn.org/mailman/options/ckan-discuss
--
Toby Dacre
The Open Knowledge Foundation
Empowering through Open Knowledge
http://okfn.org/ | @okfn
More information about the ckan-discuss
mailing list