Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Neutral
Fix Version/s: 2.0.0
Affects Version/s: None
Labels:
- VN-Maintenance
- dx-core-6.3

Template:
Acceptance criteria:

Empty

show more show less
Release notes required:

Yes
Epic Link:
Sane Default Roles & Groups
Approved:

Yes

With "superuser" account users cannot access GraphQL app or GraphQL API.

Steps to reproduce:
1. Run dx-core webapp and login with "superuser" account
2. Access GraphQL app or call GraphQL API

Actual result:
GraphQL app: The user is redirected to the login page

GraphQL API: The user gets 403 response status code

Expected result:
The user should be able to access both GraphQL app and GraphQL API

Workaround:
1. Grant web access permission "/.*" in Security app to superuser

2. Another way is that we can create a new user account with superuser role and then use the user to access GraphQL

Note:

The issue is that "superuser" account does not have permission to access "./*" url pattern.

See logs below:

Acceptance criteria

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

image-2023-09-08-10-40-05-775.png
08/Sep/23 5:40 AM
21 kB
Anh Vu
image-2023-09-08-10-42-12-464.png
08/Sep/23 5:42 AM
297 kB
Anh Vu
image-2023-09-08-10-43-09-872.png
08/Sep/23 5:43 AM
361 kB
Anh Vu
image-2023-09-08-10-44-29-502.png
08/Sep/23 5:44 AM
178 kB
Anh Vu
image-2023-09-08-10-56-38-837.png
08/Sep/23 5:56 AM
75 kB
Anh Vu
image-2023-09-08-10-56-50-419.png
08/Sep/23 5:56 AM
75 kB
Anh Vu

is related to

MGNLRES-404 Create resources-editor role that allow get from /.resources/*

Closed

Assignee:: Quach Hao Thien

Reporter:: Anh Vu

Team:: DeveloperX

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 08/Sep/23 5:38 AM

Updated:: 17/Jan/24 8:32 AM

Resolved:: 19/Dec/23 7:12 AM

Date of First Response:: 19/Dec/23 7:12 AM

Work Started:: 13/Dec/23 7:33 AM

Estimated:

Not Specified

Remaining:

Not Specified

Logged:

1.75d