TestLink

[vincent_morin]

Dear all,

I cannot find the reason why in TestLink integration for Jira REST is supposed work only with httpS.
in lib/issuetrackerintegration/jirarestInterface.class.php
is said clearly: CRITIC - WITH HTTP getIssue() DOES NOT WORK
but why this should not work ?

I am with TL 1.9.13 and Jira 6.2.6 inhouse without httpS
connection then getIssue works fine with most jira users except the one user I am supposed to use in production (the dedicated jira user for testlink).
Also all works fine in soap, even with this jira user that have problem when connect jira/rest.

So I was asking why this was said because I haven't find clear references on this topic.

Thanks so much in advance.

[fman]

>> I cannot find the reason why in TestLink integration for Jira REST is supposed work only with httpS.
>>in lib/issuetrackerintegration/jirarestInterface.class.php
>>is said clearly: CRITIC - WITH HTTP getIssue() DOES NOT WORK
>>but why this should not work ?
because during tests done this was the situation

>> I am with TL 1.9.13 and Jira 6.2.6 inhouse without httpS
>> connection then getIssue works fine with most jira users except the one user I am supposed to use in production (the dedicated jira user for testlink).
How it is supposed that some help can be get with this kind of info ?
most is not same of 100% at least for me.
then most means ALL with exception of dedicated user ?
have you tried to create this dedicated user creating a CLONE of one of users that work ?

>>Also all works fine in soap, even with this jira user that have problem when connect jira/rest.
this does not depend of Testlink but of JIRA, two different API that can work on different way

[vincent_morin]

Thanks a lot for your answer.
That is what I suspected and you confirmed.

I was not waiting for support, I knew I was too specific, this was only explanation of my case and motivation for my question.
Even if I will try what you suggest.

Thanks so much for your work, fman, and this great tool that is TestLink.

[vincent_morin]

I got more work on my issue.
Now with TestLink 1.9.14 (Jira 6.2.6 inhouse http).

I now understand that the jira user I got for connect TestLink to jira does not have the enough rights for the way TestLink works.
I only intend TestLink connect jira to read issues infos. So the jira user I was granted only have read permission on the needed jira projects.

When TestLink try to connect jira it first test the connection using the jira REST API:

user/search/?username=jirauser

This need need enough power to search the users of jira. My jira user does not have such power.

It seems to me that we do not need such power in that case.
I agree we need to test the connexion to jira and also to test if the user exists.
It seems to me it would be enough to use a jira request like
[*]

myself

[*]

user?username=jirauser

(that is not search/user and is simpler)
Both requests exist in jira Rest api v2 (latest) and both works my case.

Mantis 7317 reports idem with solution (my jira admin guys cannot accept)
Mantis 7345 reports same issue I guess and it was closed 'unable to reproduce'.
The fact is the user testlink.forum used in jiraOnDemandCfg.xml example have enough power:
Groups: developers, jira-users, users
Perhaps test could be done with less rights?

I suggest to test the connection using the myself request, so not use the getUser() function in
testlink/third_party/fayp-jira-rest/Jira.php
That way:

public function testLogin()
{
$user = $this->/*getUser*/getMyself($this->request->username);
if (!empty($user) && $this->request->lastRequestStatus()) {
return true;
}
return false;
}

public function getMyself($username)
{
$this->request->openConnect($this->host . 'myself', 'GET');
$this->request->execute();
$user = json_decode($this->request->getResponseBody());
return $user;
}

What do you think I am right?
Does this could be added to TestLink that way?

So, as it was part of the title of this topic, this issue does not concern httpS: it works for me with both http and https.

Thanks for your concern and comments.

[fman]

Thanks for your help

1) I disagree with this kind of topic reuse is wrong and misleading, in addition creating a new topic with right subjct is not time consuming
2) IMHO your explanation add all info that was missed on tickets. The main thing is YOU WANT JUST READ, while I do all tests having in mind CREATE ISSUES from TestLink.
Please open a ticket with a good subject (with relation to the two existent tickets).
Regarding if less right can be used , IMHO it will be great if you can do this tests and provide details.

I've done several test in the past weeks trying to get more insight of kind of screen schemas and permissions in order to have less errors on TL due to missing field on screen JIRA message.

After you will create the ticket I will plan the change on CHECK to understand if JIRA integration is up and running

regards

[vincent_morin]

1) I agree it is best practice.
2) I knew the case where TL connect jira in a read only way is not the main case.
I will open such ticket on Mantis
I agree to give some tests if I can, lets develop in Mantis.

[vincent_morin]

Mantis 7390: Issue Tracker JIRA REST check connection fails when jirauser have readonly power only

[fman]

Thanks for opening the ticket