Bug 701854

Summary: mvn publican-push should return 403 (Forbidden) when pushing source by a non-maintainer
Product: [Retired] Zanata Reporter: Kenichi Takemura <ktakemur>
Component: Component-MavenAssignee: Alex Eng <aeng>
Status: CLOSED WORKSFORME QA Contact: Zanata-QA Mailling List <zanata-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 2.0CC: djansen, ebaak, mkim, sflaniga, zanata-bugs
Target Milestone: ---Keywords: TestBlocker
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-02-28 05:19:57 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Kenichi Takemura 2011-05-04 04:34:51 UTC 
Description of problem:

Command line 'mvn zanata:publican-push -Dzanata.srcDir=./RHEL_5-7' fails due to 401 error in my environment.

$ mvn zanata:publican-push -Dzanata.srcDir=./RHEL_5-7 -Dzanata.sourceLang=ja-JP
/usr/lib/jvm/java
[INFO] Scanning for projects...
*DEBUG*: Putting in plugin descriptor list org.zanata:zanata-maven-plugin:1.3-alpha-1 and goal prefix is zanata
*DEBUG*: Putting in plugin descriptor list org.zanata:zanata-maven-plugin:1.3-alpha-1 and goal prefix is zanata
*DEBUG*: Constructed plugin version key is org.zanata:zanata-maven-plugin:1.3-alpha-1
*DEBUG*: Constructed plugin version key is org.zanata:zanata-maven-plugin:1.3-alpha-1
[INFO] ------------------------------------------------------------------------
[INFO] Building Unnamed - null:null:jar:0
[INFO]    task-segment: [zanata:publican-push]
[INFO] ------------------------------------------------------------------------
SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in [jar:file:/home/ktakemur/.m2/repository/org/slf4j/slf4j-log4j12/1.6.1/slf4j-log4j12-1.6.1.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [jar:file:/usr/share/maven2/lib/slf4j_jdk14.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [jar:file:/usr/share/maven2/lib/slf4j_nop.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
[INFO] [zanata:publican-push {execution: default-cli}]
[INFO] Loading project config from /home/ktakemur/Zanata/IEEETestPlan/zanata.xml
[INFO] Loading user config from /home/ktakemur/.config/zanata.ini
[INFO] Flies client API version: 1.3-alpha-1, Flies server API version: 1.3-alpha-1
[INFO] Server: http://10.64.12.214:8080/zanata/
[INFO] Project: IEEETestPlan
[INFO] Version: 1.0
[INFO] Username: kenichi
[INFO] Source language: ja-JP
[INFO] Copy previous translations: true
[INFO] Importing source documents only
[INFO] POT directory (originals): /home/ktakemur/Zanata/IEEETestPlan/RHEL_5-7/pot
This will overwrite/delete any existing documents on the server.
Are you sure (y/n)? y
[INFO] pushing source document [name=Chapters/Features_to_be_tested/pygrub] to server
[INFO] ------------------------------------------------------------------------
[ERROR] BUILD ERROR
[INFO] ------------------------------------------------------------------------
[INFO] Zanata mojo exception

Embedded error: operation returned 401 (Unauthorized): <html><head><title>JBoss Web/2.1.3 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 401 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>This request requires HTTP authentication ().</u></p><HR size="1" noshade="noshade"><h3>JBoss Web/2.1.3</h3></body></html>, uri: http://10.64.12.214:8080/zanata/rest/projects/p/IEEETestPlan/iterations/i/1.0/r, annotations: [@javax.ws.rs.PUT(), @javax.ws.rs.Path(value={id})]


Version-Release number of selected component (if applicable):
Zanata version 1.3-alpha-1 (20110330-1649). 

How reproducible:
100%

Steps to Reproduce:
1. Install Zanata web
2. Set up mvn client
3. Run $ mvn zanata:publican-push -Dzanata.srcDir=./RHEL_5-7
  
Actual results:
Fails due to 401 (Unauthorized)

Expected results:
Po files imported or so.

Additional info:
Comment 1 Kenichi Takemura 2011-05-04 23:36:43 UTC 
I think this is a test blocker. Set higher priority and keyword.
Please provide information about work-around.

Thanks!
Comment 2 Sean Flanigan 2011-05-05 02:44:49 UTC 
Please check that the API key in zanata.ini matches the key in your profile page.  Also, please attach the end of your server.log (eg /opt/jboss-ewp-5.0/jboss-as-web/server/default/log/server.log).
Comment 3 Kenichi Takemura 2011-05-05 03:16:36 UTC 
(In reply to comment #2)
> Please check that the API key in zanata.ini matches the key in your profile
> page.  Also, please attach the end of your server.log (eg
> /opt/jboss-ewp-5.0/jboss-as-web/server/default/log/server.log).

When I set wrong API key purposely, the error looks different.

Embedded error: Error status 401 Unauthorized returned

I confirmed the API key is ok.
I paste in here from the log file, the log produced when I ran the mvn command.

2011-05-05 03:04:29,796 INFO  [net.openl10n.flies.action.AuthenticationEvents] (http-unused-12-214.bne.redhat.com%2F10.64.12.214-8080-1) Account kenichi authenticated
2011-05-05 03:04:39,111 INFO  [net.openl10n.flies.action.AuthenticationEvents] (http-unused-12-214.bne.redhat.com%2F10.64.12.214-8080-1) Account kenichi authenticated
2011-05-05 03:04:39,552 INFO  [net.openl10n.flies.action.AuthenticationEvents] (http-unused-12-214.bne.redhat.com%2F10.64.12.214-8080-1) Account kenichi authenticated
Comment 4 Kenichi Takemura 2011-05-05 03:32:11 UTC 
Hi it works now. I just knew username should be in the project maintainer.
But i think error message does not look properly.

I will change summary to request for change of error message.
Comment 5 Kenichi Takemura 2011-05-05 04:27:05 UTC 
When username in zanata.ini does not belong to the project maintainer, mvn zanata:publican-push command fails in

operation returned 401 (Unauthorized):

but this should be corrected to let user know about he/she needs to join the project maintainer. 

And...why the error message has html format?
Comment 6 Sean Flanigan 2011-09-07 04:32:51 UTC 
Assigning to Scrum product owner for prioritisation.
Comment 7 Runa Bhattacharjee 2012-07-30 14:06:27 UTC 
Is this still a problem on the newer versions? Thanks.
Comment 8 Sean Flanigan 2012-11-20 02:55:22 UTC 
I don't think the situation has changed, but on reflection I think the server should be using 403 FORBIDDEN for this, not 401.  And the Java client should handle the error in a friendlier way.
Comment 9 Ding-Yi Chen 2013-02-07 00:37:00 UTC 
Tested with maven client 2.0.2-SNAPSHOT.

Yes, maven client does return 401 if the user is not a project maintainer.

I suggest the error message should be:

  You should be a project maintainer to be able to push sources to this project.

I will also change the title from
     mvn zanata:publican-push is rejected due to 401 (Unauthorized) when username does not belong to the project maintainer

to:
     mvn publican-push should retrun 403 (Forbidden) when pushing source by a non-maintainer.
Comment 10 Damian Jansen 2014-02-28 05:19:57 UTC 
Retested at 54d204020b600be1e8e3c1a9a357a0e02e832861

[ERROR] Failed to execute goal org.zanata:zanata-maven-plugin:3.3.0:push (default-cli) on project standalone-pom: Zanata mojo exception: Server returned error status: 403. Error message: You do not have permission to upload source documents to project-version "skynet:1". -> [Help 1]