Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Inconsistent Role Validation in /corporations/{corporation_id}/roles/ Endpoint #1386

Open
6 tasks done
JamboChen opened this issue Jul 13, 2024 · 0 comments
Open
6 tasks done

Inconsistent Role Validation in /corporations/{corporation_id}/roles/ Endpoint #1386

JamboChen opened this issue Jul 13, 2024 · 0 comments
Labels
bug esi-corporations

Comments

@JamboChen
Copy link

Bug

When attempting to retrieve the roles of a corporation using the /corporations/{corporation_id}/roles/ endpoint, an error is returned stating that the character doesn't have the required role(s), despite the character possessing the Personnel_Manager role.

The endpoint documentation states: "Return the roles of all members if the character has the personnel manager role or any grantable role." According to this description, I should receive a 200 response. Additionally, in-game, I can view the roles of corporation members, even though I cannot edit them.

Request

GET /latest/corporations/{corporation_id}/roles/?datasource=tranquility

Response

Status Code

403

Headers

Include relevant headers received. Timestamps and request ID is nice, you may not have all these values, fill out what you received (don't worry about headers not listed here, unless pertinent to your issue). E.g.:

 access-control-allow-credentials: true 
 access-control-allow-headers: Content-Type,Authorization,If-None-Match,X-User-Agent 
 access-control-allow-methods: GET,HEAD,OPTIONS 
 access-control-allow-origin: * 
 access-control-expose-headers: Content-Type,Warning,ETag,X-Pages,X-ESI-Error-Limit-Remain,X-ESI-Error-Limit-Reset 
 access-control-max-age: 600 
 allow: GET,HEAD,OPTIONS 
 content-length: 65 
 content-type: application/json; charset=UTF-8 
 date: Sat, 13 Jul 2024 19:00:06 GMT 
 strict-transport-security: max-age=31536000 
 x-esi-error-limit-remain: 99 
 x-esi-error-limit-reset: 54 
 x-esi-request-id: 537b52ff-8e23-4937-8145-e97a529ccec7

Body

Please provide the response body, feel free to scrub any opsec details you wish. E.g.:

{
  "error": "The given character doesn't have the required role(s)"
}

Expected

200

Additional Details

The /characters/{character_id}/roles/ endpoint returns the following roles for the character:

{
  "roles": [
    "Personnel_Manager",
    "Security_Officer",
    "Account_Take_2",
    "Brand_Manager",
    "Rent_Office",
    "Junior_Accountant",
    "Communications_Officer",
    "Contract_Manager",
    "Fitting_Manager",
    "Skill_Plan_Manager"
  ]
}

This confirms that the character has the Personnel_Manager role, which should be sufficient according to the documentation for accessing the list of roles in a corporation. I have verified that the corporation_id is correct, and in-game, I can view the roles of the corporation members but cannot edit them.

Checklist

Check all boxes that apply to this issue:

  • Bug description is provided
  • Request path is provided
  • Response status code is provided
  • Response headers are provided
  • Response body is provided
  • Expected response is provided
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug esi-corporations
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Blacksmoke16 @JamboChen