Hi!
BItbucket 5.13.4
We are trying to use the restrictions REST Api
https://docs.atlassian.com/bitbucket-server/rest/5.0.1/bitbucket-ref-restriction-rest.html
We want to add/remove Repository Branch Restrictions via REST.
We are using a user with SYS_ADMIN permission and we are able to remove a restriction from a repo but we are not able to add a restriction via REST, we always receive a 401 error with the message
“You are not permitted to access this resource”.
The same user is able to add/remove restrictions via the Bitbucket GUI.
Any idea on what could be the problem would be greatly appreciated!
Thanks in advance,
Hans
Hi @computerpraxis,
Can you please show us the request you’re making? I believe that the GUI uses the public REST API so it seems unlikely that there is a bug - perhaps our REST API documentation is wrong, or there is a problem with your request. Knowing exactly what you tried would help us narrow that down.
Thanks,
Kristy
Developer on Bitbucket Server
Hi Kristy!
Thanx for Your reply!
{"type":"read-only","matcher":{"id":"**","displayId":"**","type":{"id":"PATTERN","name":"Pattern"},"active":true},"users":[],"groups":[],"accessKeys":[]}
This is the reply
statuscode 401
message: You are not permitted to access this resource
exceptionName: com.atlassian.bitbucket.AuthorisationException
Regards,
Hans
Hi!
Using the Chrome Developer Tools I see a different JSON payload being sent when adding a branch restriction via the GUI:
[{"matcher":{"id":"**","displayId":"**","type":{"id":"PATTERN"}},"scope":{"type":"REPOSITORY","resourceId":2205},"type":"read-only"}]`
So maybe there is aa problem with the docu ?
https://docs.atlassian.com/bitbucket-server/rest/5.0.1/bitbucket-ref-restriction-rest.html
regards,
Hans
Ah, it seems that the GUI uses the bulk interface instead.
I tried your Json payload on 5.13.4 and it seems to work fine:
> curl -v 'http://localhost:7990/bitbucket/rest/branch-permissions/latest/projects/PROJECT_1/repos/rep_1/restrictions' -u admin:admin -H 'Content-Type: application/json' -d '{"type":"read-o
nly","matcher":{"id":"**","displayId":"**","type":{"id":"PATTERN","name":"Pattern"},"active":true},"users":[],"groups":[],"accessKeys":[]}'
* Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 7990 (#0)
* Server auth using Basic with user 'admin'
> POST /bitbucket/rest/branch-permissions/latest/projects/PROJECT_1/repos/rep_1/restrictions HTTP/1.1
> Host: localhost:7990
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.54.0
> Accept: */*
> Content-Type: application/json
> Content-Length: 153
>
* upload completely sent off: 153 out of 153 bytes
< HTTP/1.1 200
< X-AREQUESTID: @MKAMO2x886x91x0
< X-AUSERID: 1
< X-AUSERNAME: admin
< Cache-Control: no-cache, no-transform
< Vary: X-AUSERNAME,Accept-Encoding
< Transfer-Encoding: chunked
< Content-Type: application/json;charset=UTF-8
< X-Content-Type-Options: nosniff
< Date: Thu, 22 Apr 2021 04:46:31 GMT
<
* Connection #0 to host localhost left intact
{"id":1,"scope":{"type":"REPOSITORY","resourceId":1},"type":"read-only","matcher":{"id":"**","displayId":"**","type":{"id":"PATTERN","name":"Pattern"},"active":true},"users":[],"groups":[],"accessKeys":[]}
Maybe there is something wrong with the authentication you’re using?
- Are you using basic or bearer authentication?
- Are you using a personal access token or the user’s password?
- If you’re using a personal access token, what permission is it scoped to?
- Do you have basic authentication disabled?
1 Like
Hi!
Thanks for Your investigations!
I found out, that the Url for the REST Call was missing “stash”.
After adding that to the Url, adding a branch permission/restriction worked fine.
Interestingly, the removal of a branch permission/restriction worked fine before, WITHOUT having “stash” in the Url …
Everything works now.
Thanks & Regards,
Hans