Troubleshooting
Problem
User encounters unexpected results based upon their assigned their assigned role(s) and associated permissions
Diagnosing The Problem
Section 1: Actions required by each user who is experiencing the problem
- Login to API Manager UI with their username and password
- Open up the Network developer tools for the browser (see Reference 1 below)
- Replace the URL in the browser with the following and submit the request:
- 'https://<apim hostname>/apim/proxy/me/orgs/<
org ID>/permissions?expand=true'
- 'https://<apim hostname>/apim/proxy/me/orgs/<
- Within the Network tab of the browser developer tools
- Select the request `/permissions?expand=true`
- Select the `response` or `response body` tab (see Reference 2 below)
- Copy the contents of response body and save it as username_permissions.json
Section 2: Actions required by an administrative user of the organization:
- Login to API Manager UI as admin
- Take a screenshot of the affected user(s) from the Members tab of Admin in the API Manager which includes all role columns and has all of the rows (organizations & catalogs) expanded:
- `https://<apim host/apim/#/admin/users`
- For each role which the user has, take screenshots of the permissions for the role(s) at organizational level, catalog level, and space level (if applicable)
- Organizational level:
- Navigate to Admin --> Roles - `https://<apim hostname>/apim/#/admin/roles`
- Catalog level:
- Navigate to Dashboard --> <catalog> --> settings ->> roles - `https://<apim hostname>/apim/#/catalogs/<catalog UID>/settings`
- Space level:
- Select the space in the Catalog dropdown --> settings --> roles - `https://<apim hostname>/apim/#/catalogs/<catalog UID>/spaces/<space UID>/settings
- Organizational level:
Section 3: Details about the unexpected behavior for the user(s)
- Provide information about the actions or resources for which the user encounters the unexpected behavior. For example:
- User A can add members in catalog X but should only be able to add members to catalog Y
- User B cannot process approvals in Catalog Z
- When making the following REST call <paste REST call> User C receives a 403 error
Submit the following files and information to the case:
- For each affected user, username_permissions.json file from Step 4 of Section 1
- For each affected user, screenshot(s) from Step 2 of Section 2
- For each role, screenshot(s) from Step 3 of Section 2 (should include screenshots for each level)
- Details about the unexpected behavior for the user(s) requested in Section 3
Reference 1: Accessing developer tools within various browsers
- Chrome - https://developers.google.com/
web/tools/chrome-devtools/netw ork-performance/reference#prev iew - Copy the JSON output from the preview tab or the contents of the response tab
- Firefox - https://developer.mozilla.org/
en-US/docs/Tools/Network_Monit or#Response - Copy the contents of the response tab
- Internet Explorer / Edge - https://docs.microsoft.com/en-
us/microsoft-edge/devtools-gui de/network#request-details - Click on the “Body” tab and then copy the contents of the “response body”
Reference 2: Example of `response` tab within Network developer tools for GET call to `permissions?expand=true`
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSMNED","label":"IBM API Connect"},"Component":"Management","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"5.0.8.x","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Was this topic helpful?
Document Information
Modified date:
15 October 2018
UID
ibm10734777