weixin_39619270
weixin_39619270
2020-12-29 11:44

"Folder id X does not have upload id Y or you do not have write access to the folder" error response from `/jobs` when the folder does have the upload and token does have write permissions.

Description

We are trying to implement a Fossology scan as part of CI/CD pipeline. Posting a request to /jobs with a valid upload id and folder id, where the folder in question contains the upload in question, using a read/write token from an admin account with full write access, results in the error message "Folder id 62 does not have upload id 33 or you do not have write access to the folder."

How to reproduce

Here's an outline of the sequence of requests made and responses received which produce this issue:

POST to /folders:


REQUEST: { url: '/folders',
  method: 'post',
  data: null,
  headers:
   { common: { Accept: 'application/json, text/plain, */*' },
     delete: {},
     get: {},
     head: {},
     post: { 'Content-Type': 'application/x-www-form-urlencoded' },
     put: { 'Content-Type': 'application/x-www-form-urlencoded' },
     patch: { 'Content-Type': 'application/x-www-form-urlencoded' },
     Authorization:
      'Bearer fake-token-here',
     parentFolder: '1',
     folderName: 'CI-2020-06-24T14:20:08.100Z' },
  baseURL: 'http://192.168.1.212:6174/repo/api/v1',
  transformRequest: [ [Function: transformRequest] ],
  transformResponse: [ [Function: transformResponse] ],
  timeout: 0,
  adapter: [Function: httpAdapter],
  xsrfCookieName: 'XSRF-TOKEN',
  xsrfHeaderName: 'X-XSRF-TOKEN',
  maxContentLength: -1,
  validateStatus: [Function: validateStatus] }

Response:


{ code: 201, message: 62, type: 'INFO' }

POST to /uploads:


REQUEST: { url: '/uploads',
  method: 'post',
  data:
   FormData {
     _overheadLength: 166,
     _valueLength: 778,
     _valuesToMeasure: [],
     writable: false,
     readable: true,
     dataSize: 0,
     maxDataSize: 2097152,
     pauseStreams: true,
     _released: false,
     _streams:
      [ '----------------------------337659419869298189238387\r\nContent-Disposition: form-data; name="fileInput"; filename="upload.tar.gz"\r\nContent-Type: application/gzip\r\n\r\n',
        <buffer ed dd db ef b3 ff a3 f3 d4 c4 c8 ce ba b6 b0 e4 ...>,
        [Function: bound ] ],
     _currentStream: null,
     _insideLoop: false,
     _pendingNext: false,
     _boundary: '--------------------------337659419869298189238387' },
  headers:
   { common: { Accept: 'application/json, text/plain, */*' },
     delete: {},
     get: {},
     head: {},
     post: { 'Content-Type': 'application/x-www-form-urlencoded' },
     put: { 'Content-Type': 'application/x-www-form-urlencoded' },
     patch: { 'Content-Type': 'application/x-www-form-urlencoded' },
     Authorization:
      'Bearer not-real-token',
     folderId: 62,
     uploadDescription: 'Automatic upload from CI',
     public: 'public',
     'Content-Type': 'multipart/form-data',
     'content-type':
      'multipart/form-data; boundary=--------------------------337659419869298189238387' },
  baseURL: 'http://192.168.1.212:6174/repo/api/v1',
  transformRequest: [ [Function: transformRequest] ],
  transformResponse: [ [Function: transformResponse] ],
  timeout: 0,
  adapter: [Function: httpAdapter],
  xsrfCookieName: 'XSRF-TOKEN',
  xsrfHeaderName: 'X-XSRF-TOKEN',
  maxContentLength: -1,
  validateStatus: [Function: validateStatus] }
</buffer>

Response:


{ code: 201, message: 33, type: 'INFO' }

GET to /uploads/{id}:


REQUEST: { url: '/uploads/33',
  method: 'get',
  headers:
   { common: { Accept: 'application/json, text/plain, */*' },
     delete: {},
     get: {},
     head: {},
     post: { 'Content-Type': 'application/x-www-form-urlencoded' },
     put: { 'Content-Type': 'application/x-www-form-urlencoded' },
     patch: { 'Content-Type': 'application/x-www-form-urlencoded' },
     Authorization:
      'Bearer made-up-token' },
  baseURL: 'http://192.168.1.212:6174/repo/api/v1',
  transformRequest: [ [Function: transformRequest] ],
  transformResponse: [ [Function: transformResponse] ],
  timeout: 0,
  adapter: [Function: httpAdapter],
  xsrfCookieName: 'XSRF-TOKEN',
  xsrfHeaderName: 'X-XSRF-TOKEN',
  maxContentLength: -1,
  validateStatus: [Function: validateStatus] }

Response:


{ folderid: 62,
  foldername: 'CI-2020-06-24T14:20:08.100Z',
  id: 33,
  description: 'Automatic upload from CI',
  uploadname: 'upload.tar.gz',
  uploaddate: '2020-06-24 14:20:08.597916+00',
  filesize: 778 }

Finally, POST to /jobs:


REQUEST: { url: '/jobs',
  method: 'post',
  data:
   { analysis:
      { bucket: true,
        copyright_email_author: true,
        ecc: true,
        keyword: true,
        mime: true,
        monk: true,
        nomos: true,
        package: true },
     decider: { nomos_monk: true, bulk_reused: true, new_scanner: true } },
  headers:
   { common: { Accept: 'application/json, text/plain, */*' },
     delete: {},
     get: {},
     head: {},
     post: { 'Content-Type': 'application/x-www-form-urlencoded' },
     put: { 'Content-Type': 'application/x-www-form-urlencoded' },
     patch: { 'Content-Type': 'application/x-www-form-urlencoded' },
     Authorization:
      'Bearer fake-again',
     'Content-type': 'application/json',
     folderId: 62,
     uploadId: 33 },
  baseURL: 'http://192.168.1.212:6174/repo/api/v1',
  transformRequest: [ [Function: transformRequest] ],
  transformResponse: [ [Function: transformResponse] ],
  timeout: 0,
  adapter: [Function: httpAdapter],
  xsrfCookieName: 'XSRF-TOKEN',
  xsrfHeaderName: 'X-XSRF-TOKEN',
  maxContentLength: -1,
  validateStatus: [Function: validateStatus] }

An this is where the error response occurs:


{ code: 404,
  message:
   'Folder id 62 does not have upload id 33 or you do not have write access to the folder.',
  type: 'ERROR' }

Screenshots

Screenshot of upload definitely present in folder in GUI: image

Versions

  • Last commit id on master: Version: [3.6.0], Branch: [master], Commit: [#fc1b3c] 2019/09/10 09:24 UTC built @ 2019/09/10 09:51 UTC
  • Operating System (lsb_release -a): Ubuntu 20.04 LTS

Logs

Any logs (if any) generated in

FOSSology logs

The only logs that are generated are these notes about email. I haven't configured any email whatsoever, so it makes sense that these are here - are they causing the error? If so it should be more clear that the email is required.


2020-06-24 14:13:59 scheduler [44] :: NOTE: Unable to send email. SMTP host or port not found in the configuration.
2020-06-24 14:13:59 scheduler [44] :: Please check Configuration Variables.

Apache logs


192.168.7.233 - - [24/Jun/2020:14:09:03 +0000] "POST /repo/api/v1/folders HTTP/1.1" 201 271 "-" "axios/0.19.2"
192.168.7.233 - - [24/Jun/2020:14:09:04 +0000] "POST /repo/api/v1/uploads HTTP/1.1" 201 271 "-" "axios/0.19.2"
192.168.7.233 - - [24/Jun/2020:14:09:04 +0000] "GET /repo/api/v1/uploads/30 HTTP/1.1" 200 424 "-" "axios/0.19.2"
192.168.7.233 - - [24/Jun/2020:14:09:04 +0000] "POST /repo/api/v1/jobs HTTP/1.1" 404 361 "-" "axios/0.19.2"

Job logs

Logs generated under Geeky Scan Details (Job history => click on agent's job id)

No logs for this.

该提问来源于开源项目:fossology/fossology

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

10条回答

  • weixin_39908462 weixin_39908462 4月前

    Hi -x-u , I got the same issue today. Did you find any alternate ways to fix this?

    点赞 评论 复制链接分享
  • weixin_39716703 weixin_39716703 4月前

    Hello -x-u and , I've updated the documentation in Wiki: https://github.com/fossology/fossology/wiki/FOSSology-REST-API

    Hope the process is more clear.

    点赞 评论 复制链接分享
  • weixin_39908462 weixin_39908462 4月前

    Hi , Thanks for the documentation.

    点赞 评论 复制链接分享
  • weixin_39716703 weixin_39716703 4月前

    Hello -x-u , hope the documentation is more friendly now. If the process it working for you, would you be okay to close the issue?

    点赞 评论 复制链接分享
  • weixin_39619270 weixin_39619270 4月前

    Hello again -- just double checking before I close it, are there plans to update this page on the website? https://www.fossology.org/get-started/basic-rest-api-calls/

    点赞 评论 复制链接分享
  • weixin_39908462 weixin_39908462 4月前

    Hi , Is there any way I can get the info about licenses i.e,
    image

    点赞 评论 复制链接分享
  • weixin_39716703 weixin_39716703 4月前

    Hello again -- just double checking before I close it, are there plans to update this page on the website? https://www.fossology.org/get-started/basic-rest-api-calls/

    -x-u , we will have to update the same as the document from Wiki https://github.com/fossology/fossology/wiki/FOSSology-REST-API

    \cc

    点赞 评论 复制链接分享
  • weixin_39716703 weixin_39716703 4月前

    Hi , Is there any way I can get the info about licenses i.e, image

    Hello , I don't believe FOSSology stores any such fields mentioned by you.

    However, you can create a new feature request for license management from REST API.

    点赞 评论 复制链接分享
  • weixin_39619270 weixin_39619270 4月前

    Update: upgraded fossology to Version: [3.8.1], Branch: [heads/3.8.1], Commit: [#9103fa], this issue is still present.

    点赞 评论 复制链接分享
  • weixin_39619270 weixin_39619270 4月前

    Resolved by waiting for the 'Completed' status on /jobs?upload=X. Leaving the issue open as https://www.fossology.org/get-started/basic-rest-api-calls/ does not document the fact that an upload job needs to be waited for.

    点赞 评论 复制链接分享

相关推荐