User role error on the Loud ML page: Failed to retrieve principal from context #11
Description
We have an error when trying to view the Loud ML model page, (as org Viewer). Btw I'm also super admin when running this test.
As a workaround, we can rollback the EnsureViewer() and EnsureEditor() wrappers in the go source code.
Journal logs:
Sep 27 08:52:32 scw-d729fc chronograf[11888]: time="2018-09-27T08:52:32Z" level=error msg="Failed to retrieve principal from context" component="role_auth" method=GET remote_addr="151.127.2.123:57184" url=/loudml/api/models
Sep 27 08:52:32 scw-d729fc chronograf[11888]: time="2018-09-27T08:52:32Z" level=error msg="Error message User is not authorized" component=server http_status =403
Sep 27 08:52:46 scw-d729fc chronograf[11888]: time="2018-09-27T08:52:46Z" level=error msg="Failed to retrieve principal from context" component="role_auth" method=GET remote_addr="151.127.2.123:57176" url=/loudml/api/datasources
Sep 27 08:52:46 scw-d729fc chronograf[11888]: time="2018-09-27T08:52:46Z" level=error msg="Error message User is not authorized" component=server http_status =403
Sep 27 08:52:48 scw-d729fc chronograf[11888]: time="2018-09-27T08:52:48Z" level=error msg="Failed to retrieve principal from context" component="role_auth" method=GET remote_addr="151.127.2.123:56814" url=/loudml/api/datasources
Sep 27 08:52:48 scw-d729fc chronograf[11888]: time="2018-09-27T08:52:48Z" level=error msg="Error message User is not authorized" component=server http_status =403
Sep 27 08:52:52 scw-d729fc chronograf[11888]: time="2018-09-27T08:52:52Z" level=error msg="Failed to retrieve principal from context" component="role_auth" method=GET remote_addr="151.127.2.123:57182" url=/loudml/api/datasources
Sep 27 08:52:52 scw-d729fc chronograf[11888]: time="2018-09-27T08:52:52Z" level=error msg="Error message User is not authorized" component=server http_status =403
Sep 27 08:57:20 scw-d729fc chronograf[11888]: time="2018-09-27T08:57:20Z" level=error msg="Failed to retrieve principal from context" component="role_auth" method=GET remote_addr="151.127.2.123:57182" url=/loudml/api/models
Sep 27 08:57:20 scw-d729fc chronograf[11888]: time="2018-09-27T08:57:20Z" level=error msg="Error message User is not authorized" component=server http_status =403
Sep 27 09:14:07 scw-d729fc chronograf[15684]: time="2018-09-27T09:14:07Z" level=info msg="Response: Internal Server Error" component=server method=POST remote_addr="151.127.2.123:58468" response_time=21.526568ms status=500
The workaround patch:
diff --git a/server/mux.go b/server/mux.go
index 4740608..3c4bfa1 100644
--- a/server/mux.go
+++ b/server/mux.go
@@ -248,12 +248,12 @@ func NewMux(opts MuxOpts, service Service) http.Handler {
router.DELETE("/chronograf/v1/sources/:id/kapacitors/:kid/proxy", EnsureEditor(service.ProxyDelete))
// LoudML Proxy
- router.GET("/loudml/api", EnsureViewer(service.LoudMLProxyGet))
- router.GET("/loudml/api/*path", EnsureViewer(service.LoudMLProxyGet))
- router.POST("/loudml/api/*path", EnsureEditor(service.LoudMLProxyPost))
- router.PATCH("/loudml/api/*path", EnsureEditor(service.LoudMLProxyPatch))
- router.PUT("/loudml/api/*path", EnsureEditor(service.LoudMLProxyPut))
- router.DELETE("/loudml/api/*path", EnsureEditor(service.LoudMLProxyDelete))
+ router.GET("/loudml/api", service.LoudMLProxyGet)
+ router.GET("/loudml/api/*path", service.LoudMLProxyGet)
+ router.POST("/loudml/api/*path", service.LoudMLProxyPost)
+ router.PATCH("/loudml/api/*path", service.LoudMLProxyPatch)
+ router.PUT("/loudml/api/*path", service.LoudMLProxyPut)
+ router.DELETE("/loudml/api/*path", service.LoudMLProxyDelete)
// Layouts
router.GET("/chronograf/v1/layouts", EnsureViewer(service.Layouts))