Description of problem: Candlepin will return a 403 "insufficient permissions" error instead of a 404 for the super admin user if the resource it is looking for doesn't exist. Version-Release number of selected component (if applicable): 0.4.10 How reproducible: 100% Steps to Reproduce: 1. issue a request to candlepin for a owner that doesn't exist http://<url_to_candlepin>/candlepin/owners/bogusowner Actual results: 403 "insufficient permissions" Expected results: 404 "not found" Additional info:
Created attachment 517680 [details] trace from the 403 error
Fixed in 30caf1ecfb3c73d721ccc0fe3346ec4ce25d2ee6 in master candlepin.
Looks like the correct error message shows now: [jmolet@jmolet ~]$ curl -k -u admin:admin GET https://mgmt5.rhq.lab.eng.bos.redhat.com:8443/candlepin/owners/bogusowner | json_reformat curl: (6) Could not resolve host: GET; Cannot allocate memory % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 64 100 64 0 0 201 0 --:--:-- --:--:-- --:--:-- 260 { "displayMessage": "Owner with id bogusowner could not be found" } candlepin: "version": "0.4.10"