dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #51628
Re: Need help to identify proper authorities to make API calls in DHIS
Hi
This sounds like a bug to me (seems we are not properly filtering the
paging component of the result). Would you mind filing a issue at
jira.dhis2.org ? (if you have already, please let me know the issue number)
--
Morten Olav Hansen
Senior Engineer, DHIS 2
Team Integration Lead
University of Oslo
http://www.dhis2.org
On Thu, Aug 16, 2018 at 2:15 PM Rajeswari Gottipati <
rajeswag@xxxxxxxxxxxxxxxx> wrote:
> Hi DHIS Team,
>
> Can you please respond to our query.
>
> On Mon, Aug 13, 2018 at 3:31 PM, Rajeswari Gottipati <
> rajeswag@xxxxxxxxxxxxxxxx> wrote:
>
>> Hi DHIS Team,
>>
>> We are planning to use DHIS OAuth in our application.
>> We want to make API calls to view/add/update/delete the events,
>> programs, dataSets, dataValues etc. For this we want to figure out minimum
>> list of authorities so that access token generated from the user's login
>> detail should be able to make api calls.
>>
>> *Requirement* :
>> We require a user login that can make api calls to fetch data, but they
>> should not be able to update data directly through DHIS.
>>
>> *What we tried : *
>> We tried to assign selective authorities to the particular user role and
>> we have following observation :
>> 1. When we assign no authorities to the user role, and make api call for
>> events we got below response
>>
>>
>> *{"pager":{"page":1,"pageCount":2,"total":1365,"pageSize":1000},"events":[]}%*
>>
>> NO events came in the response json in spite of events present in the
>> system.
>>
>> 2. When we assign all authorities except '*ALL*' to the user role, and
>> make api call for events we got the same response as above.
>>
>>
>> *{"pager":{"page":1,"pageCount":2,"total":1365,"pageSize":1000},"events":[]}%*
>>
>> 3. When we assign the authority '*ALL*' to the user role, and make api
>> call for events we were able to get all the events. This also enables the
>> user to make update data directly from DHIS.
>>
>> Could you please help us to figure out the minimum authority to make API
>> calls?
>>
>> Thanks,
>> Rajeswari & Gaurav.
>>
>
>
>
> --
> Rajeswari Gottipati
> Sr Consultant
> Email rajeswag@xxxxxxxxxxxxxxxx
> Telephone +91 9949292931 <+91%209949292931>
> [image: ThoughtWorks]
> <http://www.thoughtworks.com/?utm_campaign=rajeswari-gottipati-signature&utm_medium=email&utm_source=thoughtworks-email-signature-generator>
>
Follow ups
References