3

Recently I have been unable to use apps which utilize the Lookback API which have worked with my account in the past. After looking at the console, it appears I am getting an Error 403 when the request is being made to the server. I had some co-workers try to access the API as well but we all received the same error.

Is the Lookback API having issues right now? Or is the error on our end?

johnr
  • 98
  • 6
Conner Reeves
  • 1,381
  • 8
  • 13
  • What URL/path are you attempting to access in your query? I just ran a couple of example queries against workspaces to which I have access and they succeeded. If you're accessing a valid endpoint without authentication, you should get a 401. The current URL looks like this: `https://rally1.rallydev.com/analytics/v2.0/service/rally/workspace/12345678910/artifact/snapshot/query.js?find={"ScheduleState":"In-Progress"}` - where 12345678910 is the OID of your workspace of interest. –  Jan 07 '13 at 18:21
  • I am using the SnapshotStore feature with the 2.0p5 API detailed here: http://developer.rallydev.com/apps/2.0p5/doc/#!/api/Rally.data.lookback.SnapshotStore I tried loading the string you provided with my project OID and got the same Error 403. I can access the project with no problems at rally1.rallydev.com but any time the lookback API attempts to make a request, I get that error. – Conner Reeves Jan 07 '13 at 19:11
  • It looks like if I explicitly specify an 'ObjectID' or '_ItemHierarchy' in the request than it loads correctly. I do not remember having to do this in the past... What if I want to pull all data within the current scope? – Conner Reeves Jan 07 '13 at 19:24
  • Can you post an excerpt of your Snapshotstore code that used to work and now generates the 403? –  Jan 08 '13 at 00:24
  • http://jsfiddle.net/9znqS/ Pretty straight forward but it looks like the request is saying I'm unauthorized for certain projects. My permissions have not been changed and this query was working perfectly before the new years. – Conner Reeves Jan 08 '13 at 16:46
  • Perhaps you could file a Case with Rally Support? I've tried your code for a variety of workspace/project scopings and still can't get a 403 - wondering if this maybe specific to your Workspace? Anyway - probably this would be most readily handled via Support. –  Jan 08 '13 at 18:46

2 Answers2

2

The error indicates that the query touched projects for which the user does not have permission to see. Adding _ProjectHierarchy to the criteria changes the scope and limits the results to projects within that hierarchy. For example, a query like:

{ "PlanEstimate" : 5 }

will try to return all snapshots in the workspace with a plan estimate of 5. Changing it to:

{ "PlanEstimate" : 5, "_ProjectHierarchy" : 1234 }

changes the results to be all snapshots in project 1234 or one of its children with a plan estimate of 5, potentially a very different set of results. If the user has access to all projects in the workspace, then they should not have gotten the error. The user can check that by doing an ALM WSAPI (https://rally1.rallydev.com/slm/doc/webservice) query against Project looking for (ObjectID = 1177026886 ) etc. I think that will return no results or an error if the user does not have access to the project.

If the same query was working before the new year, it is possible that new projects have been added to the workspace since then without the needed permissions.

SchmitzIT
  • 9,227
  • 9
  • 65
  • 92
Jeff Ellis
  • 21
  • 2
1

It appears as though either an "_ItemHierarchy" (RPM) or "_ProjectHierarchy" (Projects) must now be specified. I added the following line to my Lookback API query and the request completed successfully:

 { property: '_ProjectHierarchy', value: this.getContext().getProject().ObjectID }
Conner Reeves
  • 1,381
  • 8
  • 13