Developer

 View Only
last person joined: 7 days ago 

Back to discussions
Expand all | Collapse all

Guest API - delete a device

This thread has been viewed 31 times

  • 1.  Guest API - delete a device

    Posted Jan 26, 2021 01:42 PM
    Hello,

    I'm playing with the Guest API, I have been able to retrieve lists of devices, but am now trying to delete a device, but I get the following returned:

    {"validation_messages":{"role_id":{"error":"Invalid role_id","_options":[]}},"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html","title":"Unprocessable Entity","status":422,"detail":"Invalid role_id"}

    I'm using Python, this is my code:

    def delete_devices(bearer_token, device_id):

    token = bearer_token
    dev_id = device_id

    headers = {
    "Accept": "application/json",
    "Authorization": f"Bearer {token}"
    }

    url = f"https://<cppm_hostname>/api/device/{dev_id}"
    response = requests.request("DELETE", url, headers=headers)
    print(response.text)

    return

    Does anyone know what this error is indicating? Is this an issue with permissions?

    Thank you,

    Guy

    ------------------------------
    Guy Goodrick
    ------------------------------


  • 2.  RE: Guest API - delete a device

    MVP EXPERT
    Posted Jan 27, 2021 12:29 PM
    Did you test using API explorer with the same privs?

    I just tested on 6.9.3 via API Explorer and it deleted as expected.

    ------------------------------
    Tim C
    ------------------------------

    Original Message


  • 3.  RE: Guest API - delete a device

    Posted Jan 27, 2021 01:24 PM
    Hello Tim,

    Ok I tried from the explorer and it failed with:

    {
  "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html",
  "title": "Forbidden",
  "status": 403,
  "detail": "Forbidden"
}

    But it's different because using the API explorer I can't even perform a get on a device ID (which I can do fine from my script).

    The API client I am logging in with is using the 'API Guest Operator' profile. I noticed that that didn't have "API Documentation" access so I have granted that, but still I get forbidden when using the API explorer. I can obtain the authentication token ok, but then nothing.

    The device rights for that profile are:

    Create New Device Full Access
    Export Devices Read Only
    Manage Devices Full Access

    Using the Python script I pulled the privileges and they show as:

    {"privileges":["#guest_customize","#guest_export","#guest_sessions_history","#mac_export","#soap_config","?api_index","?guestmanager","?mac","?sms-admin","?smtp","api_docs","apigility","change_expiration","create_multi","create_user","full-user-control","guest_multi","guest_sessions","guest_show_details","guest_users","mac_create","mac_list","remove_account","reset_password","sms-receipt","smtp_send","soap_api","soap_services","xmlrpc"]}

    Is that missing something?

    ------------------------------
    Guy Goodrick
    ------------------------------

    Original Message


  • 4.  RE: Guest API - delete a device

    Posted Feb 02, 2021 12:04 PM
    Sorry, I'm still struggling with this, in the Guest logs the failed call looks like:

    Client:    x.x.x.x:44922
App User:  oauth2:GuysPC
Script:    /guest/apigility.php
Function:  _LogApiCall
Details:   array (
  'input' => array (
    'request_method' => 'DELETE',
    'request_uri' => '/api/device/5440',
    'request_uri_decoded' => '/api/device/5440',
    'body_params' => array (
    ),
  ),
  'output' => array (
    'api_problem' => array (
      'validation_messages' => array (
        'role_id' => array (
          'error' => 'Invalid role_id',
          '_options' => array (
          ),
        ),
      ),
      'type' => 'http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html',
      'title' => 'Unprocessable Entity',
      'status' => 422,
      'detail' => 'Invalid role_id',
    ),
  ),
  'time_elapsed' => 0.087123155593872,
)

    I don't understand what role_id has to do with this, but this is my first attempt at updating/deleting a device so I expect I've got something skewiff. I'm using client_credentials as my grant_type, getting a token like this:

    def get_token(client,secret):

    client_id = client
    client_secret = secret

    # Get an OAuth token
    token_url = "https://hostname/api/oauth"

    payload = {
    "grant_type": "client_credentials",
    "client_id": client_id,
    "client_secret": client_secret
    }
    headers = {
    "Accept": "application/json",
    "Content-Type": "application/json"
    }

    response = requests.request("POST", token_url, json=payload, headers=headers)

    if response.status_code == 200:

    response_dict = response.json()
    token = response_dict["access_token"]
    return token

    else:
    raise Exception("response code not 200 when trying to obtain OAuth token")


    That seems to work, and I can get device details fine using the token.

    I read the getting started guide and it seems fine (though that does use password as the grant type).

    Any pointers much appreciated. Thanks


    ------------------------------
    Guy Goodrick
    ------------------------------

    Original Message


  • 5.  RE: Guest API - delete a device

    MVP EXPERT
    Posted Feb 02, 2021 12:28 PM
    Are you running 6.9.3? You may be hitting a bug.

    ------------------------------
    Tim C
    ------------------------------

    Original Message


  • 6.  RE: Guest API - delete a device

    Posted Feb 02, 2021 12:57 PM
    Ah no we're not, but we are due to upgrade in a couple of weeks to solve another bug so I'll test again after that. Thank you

    ------------------------------
    Guy Goodrick
    ------------------------------

    Original Message