-
Notifications
You must be signed in to change notification settings - Fork 136
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Users are not authorized to view Cohort Pathway executions #2919
Comments
I've made some PRs to optimize permissions and support wildcard perms, but it's not in a hotfix (or otherwise) release. The 2.14 version of atlas you're using had a fix related to refesh token, but I am not sure if that would impact you here (refresh token is called when you create an entity and you need to update permissions for the new item). In java console, can you confirm if it says the requested URI got a 403 result (that would be an auth error). A more involved approach: we can debug the client side code but the 'bundled' form is a bit harder to debug...if you have a dev environment that you can reproduce, then that would be easier, but if you want to do something to trace code in your live environment, you can change some things on your server to run in non-bundled mode so you can set breakpoints easier. To do that, just change the following (from https://github.com/OHDSI/Atlas/blob/master/index.html#L118):
If you swap the HTML comment to comment out the bundled mode and uncomment non-bundled (as shown above) you should get the App downloaded in non-bundled state letting you set breakpoints. The security checks are performed in authAPI.js. However! Looking through this code, I can't seem to find anything related to CohortPathways which might mean that Pathways is doing something different than the other pages (sadface) so....if you can do the above steps to get the specific place where the permission check is failing, that can help us figure out where to start on a fix. |
Thanks @chrisknoll: I have begun to trace this. I will reach out again shortly. Thanks again. |
Expected behavior
Users are authorized to view Cohort Pathway executions and can view them.
Actual behavior
Users are not authorized to view Cohort Pathway executions and can not view them.
Steps to reproduce behavior
Cohort Pathway > Execution
, click onView latest result
orExecutions
Error Message:
See no. 3 above.
Supporting Materials:
Version: Atlas 2.14.1
Environment: Linux/Kubernetes (Kind Cluster)
Is this something that you have come across before @anthonysena @chrisknoll?
The text was updated successfully, but these errors were encountered: