Exposing Rest API to insert records into Database using cuba

Support
#1

Hi,

Iam exposing Rest API to insert records into Database using cuba platform. iam getting below error. Also, How to get tokens.

{

"error": "unauthorized",

"error_description": "An Authentication object was not found in the SecurityContext"

}

image

#2

Hi,

All REST API endpoints are secured by default. You need to get OAuth token to get an access to the REST API. See the documentation.

#3

From where we can get the Bearer token

#4

REST API access example is described in the documentation: CUBA REST API

I posted the URL in my previous message. Please let me know if you have any further questions or the example is not clear.

#5

Hi i have done as per the documentation and getting below error.

<!doctype html>HTTP Status 500 – Internal Server Errorh1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size: 22px;
} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size: 16px;
} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size: 14px;
} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;
} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;
} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size: 12px;
} a {color:black;
} a.name {color:black;
} .line {height: 1px;background-color:#525D76;border:none;
}

HTTP Status 500 – Internal Server Error

Type Exception Report

Message There is no PasswordEncoder mapped for the id "null"

Description The server encountered an unexpected condition that prevented it from fulfilling the request.

Exception

java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id “null”

org.springframework.security.crypto.password.DelegatingPasswordEncoder$UnmappedIdPasswordEncoder.matches(DelegatingPasswordEncoder.java: 250)

org.springframework.security.crypto.password.DelegatingPasswordEncoder.matches(DelegatingPasswordEncoder.java: 198)

org.springframework.security.authentication.dao.DaoAuthenticationProvider.additionalAuthenticationChecks(DaoAuthenticationProvider.java: 90)

org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java: 166)

org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java: 175)

org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java: 195)

org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java: 168)

org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java: 119)

org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java: 334)

org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java: 92)

org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java: 119)

org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java: 334)

org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java: 92)

org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java: 77)

org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java: 119)

org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java: 334)

org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java: 56)

org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java: 119)

org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java: 334)

org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java: 105)

org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java: 334)

org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java: 215)

org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java: 178)

org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java: 358)

org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java: 271)

org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java: 53)

org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java: 108)

org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java: 74)

com.haulmont.cuba.web.sys.CubaHttpFilter.doFilter(CubaHttpFilter.java: 93)

Note The full stack trace of the root cause is available in the server logs.

Apache Tomcat/9.0.27

image

image

#6

Hi, please use

cuba.rest.client.id=client
cuba.rest.client.secret={noop}secret

And do not forget to assign rest-api-access role to a corresponding user (admin, I believe)

I’ve create the issue for the documentation update, really sorry for the confusion.

#7

Hi.
I have done the changes and created user in admin and getting below error.
In Authorization tab iam giving username:client and password:secret, Please let me know whether it is correct or not.

image

image

#8

If you want to get the auth token for an admin user, you should:

  1. Assign the role rest-api-access to the admin user

image

  1. Use the following auth parameters:

image

and the following method body (as described in the documentation)

image

Please note that usernames and passwords might be different for your application instance.

#9

Hi Andrey belyaev,

Thank you it’s working fine now.

Now iam trying to insert data in to mysql database using cuba. getting below error.

<!doctype html>HTTP Status 405 – Method Not Allowedh1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size: 22px;

} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size: 16px;

} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size: 14px;

} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;

} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;

} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size: 12px;

} a {color:black;

} a.name {color:black;

} .line {height: 1px;background-color:#525D76;border:none;

}

HTTP Status 405 – Method Not Allowed

Type Status Report

Message Request method ‘POST’ not supported

Description The method received in the request-line is known by the origin server but not supported by the target resource.

Apache Tomcat/9.0.27


image
image
#10

I’d suggest using services instead of direct queries.

BTW there is a documentation describing how to use POST in queries.

1 Like
#11

Hi All,

I am currently working on this REST API token creation and have followed all the above steps, and have successfully generated the token.

However, I am currently trying to create entities using POST as per the documentation CUBA REST API

As per the documentation I have given all the necessary parameters in the POST request, but in the response I am getting error as below:

{

** “error”: “Creation forbidden”,**

** “details”: “Creation of the sales$Order is forbidden”**

}

Access Token: a59fcb31-8d94-4275-9724-8e16ea836f2e

Below are screenshots for reference:

Sales Order Entity Class

image
image795×822 77.2 KB

Postman POST request JSON Body

image
image1375×458 42.3 KB

Bearer Token

image
image1493×326 57.8 KB

POST response

image
image1501×214 30.9 KB

Rest API access

image
image1568×628 55.6 KB

Kindly Help. Thanks in advance

#12

According to the last screenshot, you don’t have the create privilege for the Order entity. Please create a separate role with the scope REST and proper privileges for entities.

#13

Hi Andrey,

Thank you this is working fine now.

Now I am trying to execute Select Queries using POST request as per documentation link.
https://doc.cuba-platform.com/restapi-7.2/#rest_api_v2_ex_query_post

However, I am getting 500 Internal Server in the response body. Kindly help.
Screenshots below.

rest-queries.xml

image
image1135×492 65.3 KB

Postman response

image
image1374×652 59.3 KB

Thanks in Advance!!

#14

Could you attach log files please?

#15

Hi Andrey,

Thanks, I have resolved this issue. I was not providing a JSON array in the POST body due to which this error was happening.

I am now trying to execute Select queries using GET requests, but in response, I am not getting all the attributes of the objects. I am receiving only the entityName and id attributes in response. Please check if anything is wrong. Screenshots below.

rest-queries.xml
image

postman response
image

#16

What are the security settings or the entity’s attributes assigned to the role used to fetch the data?

#17

Hi Andrey,

Apologies for the delayed response.

Security settings and Entity’s attributes are given full permissions for the role as per below screenshots. Kindly check.

image

image

#18

If it still doesn’t work, could you provide a minimal example if possible, please?

#19

I am attaching my POC code here, if that helps.

New folder.zip (348.7 KB)

#20

Here is the GET request as well.

http://localhost:8585/app/rest/v2/queries/sales$Order/ordersAfterDate?startDate=2016-09-01&endDate=2020-11-30