Defect #6667
openREST API call with POST/PUT
0%
Description
Hi,
I could not able to create a project OR issue using redmine API call.
just wanted to know, whether I made any mistake on the following CURL command for creating a new project:
================================================================
curl -X POST -d '
<projects type="array">
<project>
<name>Redmine</name>
<identifier>redmine</identifier>
<description>Redmine is a flexible project management web application written using Ruby on Rails framework.</description>
</project>
</projects>' -H 'Content-type:application/xml' -u asami morita http://hostname/projects.xml
=======================================================================
Thanks
Updated by Felix Schäfer about 14 years ago
Have you activated the REST API? What error are you getting from that command (use -v
to see what HTTP error exactly your redmine returns)? What error does that call yield in the redmine log (log/development.log
or log/production.log
)?
Updated by Afsar Red about 14 years ago
Thanks for the quick response, Felix.
It gives the following error message, when I place verbose option.
.
.
.
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Authorization Required</title>
</head><body>
<h1>Authorization Required</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
<hr>
<address>Apache/2.2.14 (Ubuntu) Server at development.avonvoices.com Port 80</address>
</body></html>
.
.
.
In the meantime, I could be able to get the list of projects by the following command using the same username and password:
curl -u asami morita -G http://host/projects.xml?key=......................................... -v
Thanks
Updated by Holger Just about 14 years ago
The REST API does not use your username and password via basic auth. Instead, each account has an assigned key (which you can find in the sidebar at http://yourredmine.com/my/account. That key is used exclusively for authentication, as you have done in your second example. The username and password were ignored completely.
Updated by Afsar Red about 14 years ago
Holger,
Thanks for the followup.
From the documentation(http://www.redmine.org/wiki/redmine/Rest_Projects), I found that, it could be able create a project by the following command:
curl -X POST -d '<project><name>Redmine</name><identifier>redmin</identifier><description>Redmine is a flexible project management web application written using Ruby on Rails framework.</description></project>' -H 'Content-type:application/xml' http://hostname/projects.xml?key=...............................................
But, still I could not be able to create a new project. Note that I removed -u option from the command. Could you please look into this .
Updated by Tomasz Muszyński about 14 years ago
- Assignee set to Jean-Philippe Lang
I've modified one line of code to get this working.
url = url_for(:controller => params[:controller], :action => params[:action], :id => params[:id], :project_id => params[:project_id], :key => params[:key])
was changed in this code fragment in app/controllers/application_controller.rb:
def require_login if !User.current.logged? # Extract only the basic url parameters on non-GET requests if request.get? url = url_for(params) else url = url_for(:controller => params[:controller], :action => params[:action], :id => params[:id], :project_id => params[:project_id]) end respond_to do |format| format.html { redirect_to :controller => "account", :action => "login", :back_url => url } format.atom { redirect_to :controller => "account", :action => "login", :back_url => url } format.xml { head :unauthorized, 'WWW-Authenticate' => 'Basic realm="Redmine API"' } format.js { head :unauthorized, 'WWW-Authenticate' => 'Basic realm="Redmine API"' } format.json { head :unauthorized, 'WWW-Authenticate' => 'Basic realm="Redmine API"' } end return false end true end
Unfortunately, i'm not a ruby programmer, so i'm not sure that above change is enough, but it's working for me.
Above solution fixes closed bug #6447 which is still not working properly. Jean, I've assigned it to you as you closed #6447 :)
Updated by RedminePro Yang almost 13 years ago
Holger Just wrote:
The REST API does not use your username and password via basic auth. Instead, each account has an assigned key (which you can find in the sidebar at http://yourredmine.com/my/account. That key is used exclusively for authentication, as you have done in your second example. The username and password were ignored completely.
Why the API Access Key is not showed in http://demo.redmine.org/my/account any more?