Forbidden error 403 when a non-admin user loads a LookbackAPI chart that scoped to include closed projects
search cancel

Forbidden error 403 when a non-admin user loads a LookbackAPI chart that scoped to include closed projects

book

Article ID: 57608

calendar_today

Updated On:

Products

Rally On-Premise Rally SaaS

Issue/Introduction

Non-workspace-admin users who used to have access to the currently closed project before it was closed can get the historic data, but the non-admin users, including project admins of different projects created after the project was closed, get a 403 error.

Resolution

Unfortunately Lookback API (LBAPI) does not remove closed projects inaccessible to a given user from the query's scope.

Even though it is possible to workaround this issue by promoting the user to workspace administrator rights this is rarely an acceptable workaround. Also, if another user with sufficient permissions moves a story from a closed project to an open project, this will not change the outcome for the non-admin user, which will continue to receive a 403 error. As Lookback API documentation states, the past is unchangeable.

Workaround:

1. A subscription or workspace admin reopens the closed project.

2. A subscription or workspace admin gives access to this project to the affected user and closes the project.

3. At this point the non-admin, editor user Temp U will reload the app successfully.