dhis2-devs team mailing list archive

Thread
Date

Re: Need help to identify proper authorities to make API calls in DHIS

To: Rajeswari Gottipati <rajeswag@xxxxxxxxxxxxxxxx>
From: Morten Olav Hansen <morten@xxxxxxxxx>
Date: Thu, 16 Aug 2018 15:06:27 +0700
Cc: Evgenia ZELIKOVA <evgenia.zelikova@xxxxxxxxxxxxx>, Thomas RODRIGUEZ <thomas.rodriguez@xxxxxxxxxxxxx>, twmsf <twmsf@xxxxxxxxxxxxxxxx>, Anceline DUPOUY <anceline.dupouy@xxxxxxxxxxxxx>, Megan McGuire <megan.mcguire@xxxxxxxxxxxxxxx>, dhis2-devs <dhis2-devs@xxxxxxxxxxxxxxxxxxx>, Kristina Reinhardt <kristina.reinhardt@xxxxxxxxxxxxxxx>, Sonia Diverres <sonia.diverres@xxxxxxxxxxxxx>
In-reply-to: <CAPG-U+6XFYMEAo8i8Yw9B7oovjsWj-dwHmp8VJgwj-tcDcpfsQ@mail.gmail.com>

Hi

This sounds like a bug to me (seems we are not properly filtering the
paging component of the result). Would you mind filing a issue at
jira.dhis2.org ? (if you have already, please let me know the issue number)

-- 
Morten Olav Hansen
Senior Engineer, DHIS 2
Team Integration Lead
University of Oslo
http://www.dhis2.org


On Thu, Aug 16, 2018 at 2:15 PM Rajeswari Gottipati <
rajeswag@xxxxxxxxxxxxxxxx> wrote:

> Hi DHIS Team,
>
> Can you please respond to our query.
>
> On Mon, Aug 13, 2018 at 3:31 PM, Rajeswari Gottipati <
> rajeswag@xxxxxxxxxxxxxxxx> wrote:
>
>> Hi DHIS Team,
>>
>> We are planning to use DHIS OAuth in our application.
>> We want to make API calls to view/add/update/delete the events,
>> programs, dataSets, dataValues etc. For this we want to figure out minimum
>> list of authorities so that access token generated from the user's login
>> detail should be able to make api calls.
>>
>> *Requirement* :
>> We require a user login that can make api calls to fetch data, but they
>> should not be able to update data directly through DHIS.
>>
>> *What we tried : *
>> We tried to assign selective authorities to the particular user role and
>> we have following observation :
>> 1. When we assign no authorities to the user role, and make api call for
>> events we got below response
>>
>>
>> *{"pager":{"page":1,"pageCount":2,"total":1365,"pageSize":1000},"events":[]}%*
>>
>> NO events came in the response json in spite of events present in the
>> system.
>>
>> 2. When we assign all authorities except '*ALL*' to the user role, and
>> make api call for events we got the same response as above.
>>
>>
>> *{"pager":{"page":1,"pageCount":2,"total":1365,"pageSize":1000},"events":[]}%*
>>
>> 3. When we assign the authority '*ALL*' to the user role, and make api
>> call for events we were able to get all the events. This also enables the
>> user to make update data directly from DHIS.
>>
>> Could you please help us to figure out the minimum authority to make API
>> calls?
>>
>> Thanks,
>> Rajeswari & Gaurav.
>>
>
>
>
> --
> Rajeswari Gottipati
> Sr Consultant
> Email rajeswag@xxxxxxxxxxxxxxxx
> Telephone +91 9949292931 <+91%209949292931>
> [image: ThoughtWorks]
> <http://www.thoughtworks.com/?utm_campaign=rajeswari-gottipati-signature&utm_medium=email&utm_source=thoughtworks-email-signature-generator>
>

Follow ups

Re: Need help to identify proper authorities to make API calls in DHIS
From: Rajeswari Gottipati, 2018-08-16

References

Need help to identify proper authorities to make API calls in DHIS
From: Rajeswari Gottipati, 2018-08-13
Re: Need help to identify proper authorities to make API calls in DHIS
From: Rajeswari Gottipati, 2018-08-16