Unable to delete REST session when user's function access admin is not set to 'Modify'.


Article ID: 208374


Products

CA Service Desk Manager

Issue/Introduction

Issue:

A user is able to authenticate with the REST API without any issues, but they cannot delete their session. When they call DELETE on /rest_access/{id}, they get the error message "This operation requires Function Access for 'admin' equal to 'Modify'."

STEPS TO REPRODUCE (using Postman):

1. Create a new Request with this Request Name: get access key

In the dropdown, select "POST".
To the right of the dropdown, enter the URL in this format: http://servername:8050/caisd-rest/rest_access

In the Authorization tab, select "Basic Auth" for TYPE, enter "servicedesk" in the Username field, and enter the password of the CA SDM servicedesk userid in the Password field.

In the Headers tab, create the following 2 rows:
KEY            VALUE
Content-Type   application/xml
Cache-Control  no-cache

In the Body tab, click the radio button named "raw" and then enter the following text:


Click the SEND button.

The results should look like the following:

1833952883
1554362566


Take note of the access_key value (1833952883) and the rest_access_id value (400058).

2. In CA Service Desk Manager, log in as the servicedesk userid, edit the Administration access type, and change the value of "REST Web Service API Role" from Administrator to Level 1 Analyst. Save the change.

3. Create a new Request with this Request Name: delete access key

In the dropdown, select DELETE.
To the right of the dropdown, enter the URL in this format: http://servername:8050/caisd-rest/rest_access

In the Authorization tab, select "Inherit auth from parent" for TYPE.

In the Headers tab, create the following 3 rows:
KEY            VALUE
Content-Type   application/xml
Cache-Control  no-cache
X-AccessKey    1833952883

In the Body tab, click the radio button named "raw" and then enter the following text:


Click the SEND button.

The results are:
In Postman, 500 Internal Server Error
In $NX_ROOT\log\jrest.log, an ERROR message like the following:
03/28 13:14:39.164 [http-nio-8050-exec-2] ERROR SDMCRUDServiceImpl 792 This operation requires Function Access for 'admin' equal to 'Modify'.
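
To see how often REST clients have hit this failure, jrest.log can be searched for the ERROR entry above. The following Python script is an added example, not part of the original article or the product; the line layout is inferred from the one log entry quoted here, and every sample line other than that entry is constructed.

```python
import re
from collections import Counter

# Layout inferred from the one jrest.log entry quoted in the article (an assumption):
# MM/DD HH:MM:SS.mmm [thread] LEVEL class source-line message
LINE_RE = re.compile(
    r"^(?P<date>\d{2}/\d{2}) (?P<time>\d{2}:\d{2}:\d{2}\.\d{3}) "
    r"\[(?P<thread>[^\]]+)\] (?P<level>[A-Z]+)\s+(?P<cls>\S+) (?P<src>\d+) (?P<msg>.*)$"
)
DENIED = "This operation requires Function Access for 'admin' equal to 'Modify'."

def find_denied(lines):
    """Return parsed ERROR entries that carry the function-access denial.

    The entry does not name the object or HTTP method, so each hit is a
    candidate to correlate with the REST client's own 500 responses.
    """
    hits = []
    for raw in lines:
        m = LINE_RE.match(raw.strip())
        if m is None:          # continuation lines, stack traces, blank lines
            continue
        if m["level"] == "ERROR" and DENIED in m["msg"]:
            hits.append(m.groupdict())
    return hits

def per_day(hits):
    """Count denials per MM/DD so a recurring client stands out."""
    return Counter(h["date"] for h in hits)

# First entry is the one quoted in the article; the rest are constructed samples.
SAMPLE = [
    "03/28 13:14:39.164 [http-nio-8050-exec-2] ERROR SDMCRUDServiceImpl 792 " + DENIED,
    "03/28 13:15:02.481 [http-nio-8050-exec-5] INFO  SDMCRUDServiceImpl 310 constructed entry",
    "03/29 09:01:11.007 [http-nio-8050-exec-1] ERROR SDMCRUDServiceImpl 792 " + DENIED,
    "03/29 09:02:00.000 [http-nio-8050-exec-3] ERROR SDMCRUDServiceImpl 101 constructed unrelated error",
    "    at constructed.stack.Frame(Unknown Source)",
]

if __name__ == "__main__":
    hits = find_denied(SAMPLE)
    for h in hits:
        print(h["date"], h["time"], h["thread"], h["cls"], h["src"])
    for day, n in sorted(per_day(hits).items()):
        print(f"{day}: {n} denied operation(s)")
```

To run it against a real log, pass the open file object for $NX_ROOT\log\jrest.log to find_denied in place of SAMPLE.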

Environment

Release : 17.2

Component : Svc Desk Web Services

Resolution

This issue is addressed by defect DE48395, and the resolution is included in the 17.2 Roll up 12 patch.