1

I have been trying to query for User Stories which descend from the RPM by using the Lookback API in conjunction with the _ItemHierarchy filter. The problem seems to be that the Lookback API wants to return data from all the projects it knows about, but apparently that includes projects which I don't have permission to access. I get the following error when trying to run the query:

"Errors":["Server Error: Your request requires access to a workspace or project for which you do not have permission.  Contact your subscription administrator to request permission."]

I would like it if there was a way to ignore all projects which I don't have access to and just return me the User Stories which my permissions allow me to see. (And possibly alert me to the fact that not all were accessible)

At the very least, I would like a way to catch the TypeError that the API throws when the error is encountered. I tried using try/catch blocks but that doesn't seem to be effective in this context.

johnr
  • 98
  • 6
Conner Reeves
  • 1,381
  • 8
  • 13
  • I can certainly see how this would be frustrating to handle, especially for a complex hierarchy. I concur that enhanced warning messaging would be helpful at the least, and desirable to get data back alongside perhaps a warning that includes the number of artifacts excluded due to permissions restrictions. I've asked the Rally developers to weigh in here for some further input - stay tuned. –  Apr 11 '13 at 19:24
  • For the time being, I have found a workaround for this by first using the WSAPI to query for all projects viewable by the user, then passing an array of the object IDs for those projects to the LBAPI so other projects are ignored. Seems to work for now, but it seems like what should be an unnecessary step. – Conner Reeves Apr 11 '13 at 22:06

1 Answers1

0

This is a known issue with the LookbackAPI. There are a few variations of how this problem arises when people are attempting to use the API around permissions.

I will detail them below:

Results contain an artifact that you don't have access to

When accessing the Lookback API you will need to manually specify which projects you wish to access. If you do not restrict the request to an array of projects to the list of projects you have access to the API will try and return data for every project. You can restrict projects in your query like this:

{
  'Project': {'$in':[1,2]}
}

Results contain an artifact that was once in a project you don't have access to now

The second and far more devious version of the same permissions problem happens when stories are moved around projects. If at a previous point in time one of the stories that you are querying on was in a project you don't currently have permissions for you will receive an error on your response.

This can cause some confusion situations. For example you can encounter this on a story that was in a project that has been closed. If you didn't have access to this project before it was closed it will appear that you have access to every project and still have issues with your query.

We are working on ways to simplify usage of the Lookback Api with regard to permissions.

One thing that we are learning is that looking into the past adds complexity to the traditional models for enterprise software. The number of odd edge cases we have encountered in the project is a perfect case study for Agile and encompasses things no amount of up front planning could of expected.

Charles Ferentchak
  • 1,237
  • 1
  • 9
  • 14
  • Hi Charles. Is there any reason why my report would work when running the App-debug.html file, but as soon as I put the App.html file into a Custom Html page in Rally I get the "Your request requires access to a workspace or project for which you do not have permission. Contact your subscription administrator to request permission." The data I am seeing directly relates to the same project that I have selected in Rally. – becnelli Mar 13 '14 at 20:30