system.teamcity.auth.userId does not have permissions to access user info

I'm trying to run an application during a build which uses the REST API.  The REST calls are authenticated using %system.teamcity.auth.userId% and %system.teamcity.auth.password%.  All of the REST commands work fine except for one that is used to get user details.  This call fails with "server error 500", which apparently is because the %system.teamcity.auth.userId% user does not have sufficient permissions.  If I manually choose a user that has admin priveleges, then the call works.

This is the call that is failing:

http://<TCServer>/httpAuth/app/rest/users/username:<username>

Is this by design?  Is there another way to get user info?  (I am trying to get the user's e-mail address.)

19 comments
Comment actions Permalink

This is by design. You can turn off the security check in this place. See http://youtrack.jetbrains.com/issue/TW-33818 for details.

0
Comment actions Permalink

To clarify: the command to get user details works if query for user returns only one user - himself. In all other cases it fails.

0
Comment actions Permalink

Can you tell me when the VIEW_USER_PROFILE option was added?  I am using TC 7.1.5, but I don't see it anywhere in the User or Global options.

0
Comment actions Permalink

I think, it was 7.0

0
Comment actions Permalink

Okay, so it should be in the version I am using, but I can't seem to find it.  Is it available in the UI, or do I have to set this in a config file directly?

0
Comment actions Permalink

It's in UI indeed. You can see it under roles in http://localhost:8111/admin/admin.html?item=roles

0
Comment actions Permalink

Something must be different about my installation because I still cannot see it.  I can't find a link to "Roles" anywhere in the UI, and when I try to go to the link you provided directly (http://localhost:8111/admin/admin.html?item=roles), it just goes back to the Admin->Projects page.

0
Comment actions Permalink

You need to enable per-project permissions on Authentification page.

0
Comment actions Permalink

Actually, don't worry about that last question.  I found that Roles are only enabled when per-project-permissions are turned on, so I can see the Roles now.

However, I'm still having my original problem.  Either I misunderstood the solution, or haven't set things up properly.

My original problem was that during a build, the user %system.teamcity.auth.userId% does not have permission to view other users' info.  To work around this, I added the "Tools Integration" role to the "All Users" group.  The "Tools Integration" role has the "View user profile" permission, so I thought that this would grant user-browing permission to all users, including %system.teamcity.auth.userId%, but that user is still not able to get the user info during a build.

Did I miss something?

0
Comment actions Permalink

You can enable debug-rest logging under Diagnostics and then view teamcity-rest.log to understand why are you getting 500.

0
Comment actions Permalink

The "500" is not the mystery.  Even before turning on debug-rest logging, the teamcity-rest.log told me that the reason for the error was insufficient permissions.

"Error for request /httpAuth/app/rest/users/username:spont. Sending '500' error in response: jetbrains.buildServer.serverSide.auth.AccessDeniedException: You do not have enough permissions to view user settings."

I thought that adding the "Tools Integration" role to the "All Users" group would grant the %teamcity.auth.userId% user the access to get other users' info, but it doesn't seem to do that. Is there something else I have to do with the Roles?  Do the Roles affect the priveleges of the temporary (per-build) user?

0
Comment actions Permalink

What is the command you use in build step to call REST API? And how does the build log for this command look like?

0
Comment actions Permalink

The command is http://<server>/httpAuth/app/rest/users/username:spont
This is being authenticated with %system.teamcity.auth.userId% and %system.teamcity.auth.password%

This is the result in teamcity-rest.log is below.  (I also attached it in case it is hard to read in-line.)  The first line says "no auth/user", but I double-checked that my software is setting the authentication to the above values.  In this case, the temporary user is something like "TeamCityBuildId=206".  If I change the user to an existing user (instead of %system.teamcity.auth.userId%), then everything works.

[2014-04-21 09:27:22,349]  DEBUG [-bio-81-exec-24] - rver.server.rest.APIController - REST API request received: GET '/httpAuth/app/rest/users/username:spont', from client 0:0:0:0:0:0:0:1:49741, no auth/user 
[2014-04-21 09:27:22,349]  DEBUG [-bio-81-exec-24] - ver.server.rest.RequestWrapper - Establishing request mapping: '/httpAuth/app/rest/users/username:spont' -> '/app/rest/users/username:spont' 
[2014-04-21 09:27:22,349]   WARN [-bio-81-exec-24] - rver.server.rest.APIController - Error for request /httpAuth/app/rest/users/username:spont. Sending '500' error in response: jetbrains.buildServer.serverSide.auth.AccessDeniedException: You do not have enough permissions to view user settings 
[2014-04-21 09:27:22,384]  DEBUG [-bio-81-exec-24] - rver.server.rest.APIController - Error for request /httpAuth/app/rest/users/username:spont. Sending '500' error in response: jetbrains.buildServer.serverSide.auth.AccessDeniedException: You do not have enough permissions to view user settings 
jetbrains.buildServer.serverSide.auth.AccessDeniedException: You do not have enough permissions to view user settings
     at jetbrains.buildServer.serverSide.impl.auth.ServerAuthUtil.checkCanViewUserProfile(ServerAuthUtil.java:70)
     at jetbrains.buildServer.users.impl.SecuredUser.getEmail(SecuredUser.java:55)
     at jetbrains.buildServer.server.rest.model.user.User.getEmail(User.java:80)
     at jetbrains.buildServer.server.rest.model.user.User$JaxbAccessorM_getEmail_setEmail_java_lang_String.get(MethodAccessor_Ref.java:56)
     at com.sun.xml.bind.v2.runtime.reflect.TransducedAccessor$CompositeTransducedAccessorImpl.print(TransducedAccessor.java:241)
     at com.sun.xml.bind.v2.runtime.property.AttributeProperty.serializeAttributes(AttributeProperty.java:101)
     at com.sun.xml.bind.v2.runtime.ClassBeanInfoImpl.serializeAttributes(ClassBeanInfoImpl.java:370)
     at com.sun.xml.bind.v2.runtime.XMLSerializer.childAsSoleContent(XMLSerializer.java:595)
     at com.sun.xml.bind.v2.runtime.ClassBeanInfoImpl.serializeRoot(ClassBeanInfoImpl.java:338)
     at com.sun.xml.bind.v2.runtime.XMLSerializer.childAsRoot(XMLSerializer.java:498)
     at com.sun.xml.bind.v2.runtime.MarshallerImpl.write(MarshallerImpl.java:323)
     at com.sun.xml.bind.v2.runtime.MarshallerImpl.marshal(MarshallerImpl.java:251)
     at javax.xml.bind.helpers.AbstractMarshallerImpl.marshal(AbstractMarshallerImpl.java:110)
     at com.sun.jersey.json.impl.JSONMarshallerImpl.marshal(JSONMarshallerImpl.java:74)
     at com.sun.jersey.core.provider.jaxb.AbstractRootElementProvider.writeTo(AbstractRootElementProvider.java:179)
     at com.sun.jersey.core.provider.jaxb.AbstractRootElementProvider.writeTo(AbstractRootElementProvider.java:157)
     at com.sun.jersey.spi.container.ContainerResponse.write(ContainerResponse.java:306)
     at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1437)
     at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1349)
     at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1339)
     at com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:416)
     at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:537)
     at com.sun.jersey.spi.container.servlet.ServletContainer.doFilter(ServletContainer.java:895)
     at com.sun.jersey.spi.container.servlet.ServletContainer.doFilter(ServletContainer.java:843)
     at jetbrains.buildServer.server.rest.APIController$2.apply(APIController.java:275)
     at jetbrains.buildServer.server.rest.APIController$2.apply(APIController.java:261)
     at jetbrains.buildServer.util.Util.doUnderContextClassLoader(Util.java:68)
     at jetbrains.buildServer.server.rest.APIController.doHandle(APIController.java:261)
     at jetbrains.buildServer.controllers.BaseController.handleRequestInternal(BaseController.java:73)
     at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
     at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
     at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:790)
     at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:719)
     at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644)
     at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
     at jetbrains.buildServer.maintenance.TeamCityDispatcherServlet.service(TeamCityDispatcherServlet.java:0)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
     at jetbrains.buildServer.web.ParametersProviderCalculationContextFilter.doFilter(ParametersProviderCalculationContextFilter.java:6)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
     at jetbrains.buildServer.web.DisableSessionIdFromUrlFilter.doFilter(DisableSessionIdFromUrlFilter.java:5)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
     at jetbrains.buildServer.web.DiagnosticFilter.doFilter(DiagnosticFilter.java:55)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224)
     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
     at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:987)
     at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:539)
     at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:300)
     at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
     at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
     at java.lang.Thread.run(Unknown Source)
[2014-04-21 09:27:22,386]  DEBUG [-bio-81-exec-24] - rver.server.rest.APIController - REST API request processing finished in 37 ms, status code: 500 


Attachment(s):
teamcity-rest partial.log.zip
0
Comment actions Permalink

how do you make the call? It looks like you don't provide un/pw
What would the following do?
echo %system.teamcity.auth.userId%
echo %system.teamcity.auth.password%
curl -v -u %system.teamcity.auth.userId%:%system.teamcity.auth.password% http://<server>/httpAuth/app/rest/users/username:spont

0
Comment actions Permalink

One step of my build is a .NET Process Runner.  The parameters sent to that process by TeamCity are:
%teamcity.serverUrl%
%system.teamcity.projectName%
%system.teamcity.buildConfName%
%system.teamcity.auth.userId%
%system.teamcity.auth.password%

When my C# application is run with these parameters, the userId for authentication is set to something like "TeamCityBuildId=206".  I think it is different for each build.  Before calling the REST API, I write the userId and password to a log to make sure they are present.

Next,  I change the parameters in the build step to this:
%teamcity.serverUrl%
%system.teamcity.projectName%
%system.teamcity.buildConfName%
SomeUser
SomePassword

In this case, "SomeUser" is an existing TeamCity user with administrative priveleges.  When the same C# application is run with these parameters, the userId is again written to a log and it is "SomeUser".  The REST call succeeds this time and the user information is returned.

0
Comment actions Permalink

One more piece of information.  My .NET application is making several REST calls, not only the one for the user info.  As you can see from the log below, the other calls (like /httpAuth/app/rest/projects) also indicate that there is no "auth/user".  However, if I try to actually make these calls without specifying a user, the calls fail.  They only succeed when I include a user/pw.  These other calls work with any user, including %system.teamcity.auth.userId%.  The /app/rest/users/username:spont fails unless I specify a user that has admin priveleges.

[2014-04-22 10:05:15,655]  DEBUG [-bio-81-exec-25] - rver.server.rest.APIController - REST API request received: GET '/httpAuth/app/rest/projects', from client 0:0:0:0:0:0:0:1:52732, no auth/user 
[2014-04-22 10:05:15,655]  DEBUG [-bio-81-exec-25] - ver.server.rest.RequestWrapper - Establishing request mapping: '/httpAuth/app/rest/projects' -> '/app/rest/projects' 
[2014-04-22 10:05:15,656]  DEBUG [-bio-81-exec-25] - rver.server.rest.APIController - REST API request processing finished in 0 ms, status code: 200 
[2014-04-22 10:05:15,672]  DEBUG [-bio-81-exec-25] - rver.server.rest.APIController - REST API request received: GET '/httpAuth/app/rest/projects/id:project5', from client 0:0:0:0:0:0:0:1:52732, no auth/user 
[2014-04-22 10:05:15,672]  DEBUG [-bio-81-exec-25] - ver.server.rest.RequestWrapper - Establishing request mapping: '/httpAuth/app/rest/projects/id:project5' -> '/app/rest/projects/id:project5' 
[2014-04-22 10:05:15,672]  DEBUG [-bio-81-exec-25] - rver.server.rest.APIController - REST API request processing finished in 0 ms, status code: 200 
[2014-04-22 10:05:15,681]  DEBUG [-bio-81-exec-25] - rver.server.rest.APIController - REST API request received: GET '/httpAuth/app/rest/builds/?locator=buildType%3Abt5%2Crunning%3Aany', from client 0:0:0:0:0:0:0:1:52732, no auth/user 
[2014-04-22 10:05:15,681]  DEBUG [-bio-81-exec-25] - ver.server.rest.RequestWrapper - Establishing request mapping: '/httpAuth/app/rest/builds/' -> '/app/rest/builds/' 
[2014-04-22 10:05:15,711]  DEBUG [-bio-81-exec-25] - .server.rest.data.BuildsFilter - Processed 26 builds, 26 selected. 
[2014-04-22 10:05:15,730]  DEBUG [-bio-81-exec-25] - rver.server.rest.APIController - REST API request processing finished in 49 ms, status code: 200 
[2014-04-22 10:05:15,742]  DEBUG [-bio-81-exec-19] - rver.server.rest.APIController - REST API request received: GET '/httpAuth/app/rest/changes?build=id%3A206', from client 0:0:0:0:0:0:0:1:52733, no auth/user 
[2014-04-22 10:05:15,742]  DEBUG [-bio-81-exec-19] - ver.server.rest.RequestWrapper - Establishing request mapping: '/httpAuth/app/rest/changes' -> '/app/rest/changes' 
[2014-04-22 10:05:15,743]  DEBUG [-bio-81-exec-19] - rver.server.rest.APIController - REST API request processing finished in 1 ms, status code: 200 
[2014-04-22 10:05:15,750]  DEBUG [-bio-81-exec-19] - rver.server.rest.APIController - REST API request received: GET '/httpAuth/app/rest/changes/id:472', from client 0:0:0:0:0:0:0:1:52733, no auth/user 
[2014-04-22 10:05:15,750]  DEBUG [-bio-81-exec-19] - ver.server.rest.RequestWrapper - Establishing request mapping: '/httpAuth/app/rest/changes/id:472' -> '/app/rest/changes/id:472' 
[2014-04-22 10:05:15,751]  DEBUG [-bio-81-exec-19] - rver.server.rest.APIController - REST API request processing finished in 1 ms, status code: 200 
[2014-04-22 10:05:15,761]  DEBUG [-bio-81-exec-19] - rver.server.rest.APIController - REST API request received: GET '/httpAuth/app/rest/users/username:spont', from client 0:0:0:0:0:0:0:1:52733, no auth/user 
[2014-04-22 10:05:15,761]  DEBUG [-bio-81-exec-19] - ver.server.rest.RequestWrapper - Establishing request mapping: '/httpAuth/app/rest/users/username:spont' -> '/app/rest/users/username:spont' 
[2014-04-22 10:05:15,761]   WARN [-bio-81-exec-19] - rver.server.rest.APIController - Error for request /httpAuth/app/rest/users/username:spont. Sending '500' error in response: jetbrains.buildServer.serverSide.auth.AccessDeniedException: You do not have enough permissions to view user settings 
[2014-04-22 10:05:15,761]  DEBUG [-bio-81-exec-19] - rver.server.rest.APIController - Error for request /httpAuth/app/rest/users/username:spont. Sending '500' error in response: jetbrains.buildServer.serverSide.auth.AccessDeniedException: You do not have enough permissions to view user settings 
0
Comment actions Permalink

Sorry -- I forgot to run the test you asked for.  Here is the curl output when authenticating with an admin-level user.  The correct user information is returned.

Step 4/4: Curl (Command Line)
[09:39:49][Step 4/4] Starting: C:\TeamCity\buildAgent\temp\agentTmp\custom_script3286279318937450636.cmd
[09:39:49][Step 4/4] in directory: C:\Utilities
[09:39:49][Step 4/4] curl.exe -v -u admin:adminpw http://localhost:81/httpAuth/app/rest/users/username:spont
[09:39:49][Step 4/4] * Hostname was NOT found in DNS cache
[09:39:49][Step 4/4]   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
[09:39:49][Step 4/4]                                  Dload  Upload   Total   Spent    Left  Speed
[09:39:49][Step 4/4]   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying ::1...
[09:39:49][Step 4/4] * Connected to localhost (::1) port 81 (#0)
[09:39:49][Step 4/4] * Server auth using Basic with user 'admin'
[09:39:49][Step 4/4] > GET /httpAuth/app/rest/users/username:spont HTTP/1.1
[09:39:49][Step 4/4] > Authorization: Basic a2xkOmtsZA==
[09:39:49][Step 4/4] > User-Agent: curl/7.36.0
[09:39:49][Step 4/4] > Host: localhost:81
[09:39:49][Step 4/4] > Accept: */*
[09:39:49][Step 4/4] >
[09:39:49][Step 4/4] < HTTP/1.1 200 OK
[09:39:49][Step 4/4] * Server Apache-Coyote/1.1 is not blacklisted
[09:39:49][Step 4/4] < Server: Apache-Coyote/1.1
[09:39:49][Step 4/4] < Set-Cookie: JSESSIONID=F0E1C6E7459F5A6063110497852C3B43; Path=/; HttpOnly
[09:39:49][Step 4/4] < Set-Cookie: RememberMe=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; HttpOnly
[09:39:49][Step 4/4] < Pragma: no-cache
[09:39:49][Step 4/4] < Expires: Thu, 01 Jan 1970 00:00:00 GMT
[09:39:49][Step 4/4] < Cache-Control: no-cache
[09:39:49][Step 4/4] < Cache-Control: no-store
[09:39:49][Step 4/4] < Content-Type: application/xml
[09:39:49][Step 4/4] < Content-Length: 933
[09:39:49][Step 4/4] < Date: Thu, 24 Apr 2014 13:39:49 GMT
[09:39:49][Step 4/4] <
[09:39:49][Step 4/4] { [data not shown]
[09:39:49][Step 4/4] 100   933  100   933    0     0  30096      0 --:--:-- --:--:-- --:--:-- 30096
[09:39:49][Step 4/4] * Connection #0 to host localhost left intact
[09:39:49][Step 4/4] <?xml version="1.0" encoding="UTF-8" standalone="yes"?><user email="spont@kldlabs.com" id="2" lastLogin="20140424T082822-0400" name="Steven Pont" username="spont"><groups><group key="ALL_USERS_GROUP" name="All Users" href="/httpAuth/app/rest/userGroups/key:ALL_USERS_GROUP"/></groups><properties><property name="buildLogHideBlocks" value="false"/><property name="overview.preferredProjects" value="project4:project5:project6:project7:project8:project9:project10:"/><property name="plugin:notificator:jabber:jabber-account" value=""/><property name="plugin:vcs:anyVcs:anyVcsRoot" value="spont"/><property name="showBuilds.changelog" value="true"/><property name="showBuilds.projectchangelog" value="false"/><property name="showGraph.logfilter" value="true"/><property name="storedLogTab" value="tree"/></properties><roles><role roleId="SYSTEM_ADMIN" scope="g" href="/httpAuth/app/rest/users/id:2/roles/SYSTEM_ADMIN/g"/></roles></user>
[09:39:49][Step 4/4] Process exited with code 0


Here is the curl output when authenticating with %system.teamcity.auth.userId%.  The request is denied.

Step 4/4: Curl (Command Line)
[09:55:19][Step 4/4] Starting: C:\TeamCity\buildAgent\temp\agentTmp\custom_script2542699081438584657.cmd
[09:55:19][Step 4/4] in directory: C:\Utilities
[09:55:19][Step 4/4] TeamCityBuildId=220
[09:55:19][Step 4/4] IZfbDk9xZ32i2rGRGxo02zuDfk0UPVth
[09:55:19][Step 4/4] curl.exe -v -u TeamCityBuildId=220:IZfbDk9xZ32i2rGRGxo02zuDfk0UPVth http://localhost:81/httpAuth/app/rest/users/username:spont
[09:55:19][Step 4/4] * Hostname was NOT found in DNS cache
[09:55:19][Step 4/4]   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
[09:55:19][Step 4/4]                                  Dload  Upload   Total   Spent    Left  Speed
[09:55:19][Step 4/4]   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying ::1...
[09:55:19][Step 4/4] * Connected to localhost (::1) port 81 (#0)
[09:55:19][Step 4/4] * Server auth using Basic with user 'TeamCityBuildId=220'
[09:55:19][Step 4/4] > GET /httpAuth/app/rest/users/username:spont HTTP/1.1
[09:55:19][Step 4/4] > Authorization: Basic VGVhbUNpdHlCdWlsZElkPTIyMDpJWmZiRGs5eFozMmkyckdSR3hvMDJ6dURmazBVUFZ0aA==
[09:55:19][Step 4/4] > User-Agent: curl/7.36.0
[09:55:19][Step 4/4] > Host: localhost:81
[09:55:19][Step 4/4] Error has occurred during request processing (500).
[09:55:19][Step 4/4] > Accept: */*
[09:55:19][Step 4/4] >
[09:55:19][Step 4/4] < HTTP/1.1 500 Internal Server Error
[09:55:19][Step 4/4] * Server Apache-Coyote/1.1 is not blacklisted
[09:55:19][Step 4/4] < Server: Apache-Coyote/1.1
[09:55:19][Step 4/4] < Set-Cookie: JSESSIONID=9098CEA903E78BE5F16B17764DC2FFEA; Path=/; HttpOnly
[09:55:19][Step 4/4] < Pragma: no-cache
[09:55:19][Step 4/4] < Expires: Thu, 01 Jan 1970 00:00:00 GMT
[09:55:19][Step 4/4] < Cache-Control: no-cache
[09:55:19][Step 4/4] < Cache-Control: no-store
[09:55:19][Step 4/4] < Content-Type: text/plain;charset=ISO-8859-1
[09:55:19][Step 4/4] < Content-Length: 176
[09:55:19][Step 4/4] < Date: Thu, 24 Apr 2014 13:55:19 GMT
[09:55:19][Step 4/4] < Connection: close
[09:55:19][Step 4/4] <
[09:55:19][Step 4/4] { [data not shown]
[09:55:19][Step 4/4] 100   176  100   176    0     0   3744      0 --:--:-- --:--:-- --:--:--  5677
[09:55:19][Step 4/4] * Closing connection 0
[09:55:19][Step 4/4] Error: jetbrains.buildServer.serverSide.auth.AccessDeniedException: You do not have enough permissions to view user settings
[09:55:19][Step 4/4] Process exited with code 0

Also, in the second case, the REST log says that there was no auth/user:
DEBUG [-bio-81-exec-38] - rver.server.rest.APIController - REST API request received: GET '/httpAuth/app/rest/users/username:spont', from client 0:0:0:0:0:0:0:1:57406, no auth/user

0
Comment actions Permalink

oh, I got it. %system.teamcity.auth.userId% and %system.teamcity.auth.password% pair is a special credentials that is used within a build to access server resources, such as artifacts and properties. It is not intended to use to retrieve information about users, builds, buildTypes, etc., since its privileges level is very limited.

0
Comment actions Permalink

Hello , my pycharm project runs well before, but now not running again;**pls help**

URL for the image ;https://i.stack.imgur.com/yJTw3.png

0

Please sign in to leave a comment.