search

TykTechnologies / tyk

Tyk Open Source API Gateway written in Go, supporting REST, GraphQL, TCP and gRPC protocols
Other
9.74k stars 1.09k forks source link

[TT-10197] Policy is not created by gateway rest api #4005

Open cuttingedge1109 opened 2 years ago

cuttingedge1109 commented 2 years ago

Branch/Environment/Version

Describe the bug I tried to create policies using Gateway API, more specifically /tyk/policies. The api returns http code 200 but i cannot find policy added.

Reproduction steps Steps to reproduce the behavior:

curl --location --request POST 'http://tyk-gateway:8080/tyk/policies' \
--header 'x-tyk-authorization: foo' \
--header 'Content-Type: application/json' \
--data-raw '{
  "name": "new policy",
  "quota_max": 60,
  "quota_renewal_rate": 60,
  "allowance": 100,
  "rate": 100,
  "per": 5,
  "org_id": "53ac07777cbb8c2d53000002"
}'

It returns

{
    "key": "",
    "status": "ok",
    "action": "added"
}

But i cannot find that in the policy list. Even after reboot or reload gateway.

Expected behavior A new policy should be added.

Configuration (tyk config file): I use the default configuration file for oss gateway.

...
  "policies": {
    "policy_source": "file",
    "policy_record_name": "/opt/tyk-gateway/policies/policies.json"
  },
...
lghiur commented 2 years ago

@cuttingedge1109 thanks for raising this up. We're going to check this as well, and in terms of a possible fix, this will be provided in the same time with the official 4.1 relase.

brahama commented 2 years ago

I see the doc for the GW that shows the polices endpoint but for OSS is it supposed to work? or just files approach? I get 404 when hitting that endpoint.

Thanks!

cuttingedge1109 commented 2 years ago

I see the doc for the GW that shows the polices endpoint but for OSS is it supposed to work? or just files approach? I get 404 when hitting that endpoint.

Thanks!

Yeah, there is no api endpoint defined for policies in stable versions. But you can find that in 4.1.0-rcN versions. I tested and it works as expected.

cuttingedge1109 commented 2 years ago

@lghiur So i think policies api endpoint part in the doc should be removed because 4.0 doesn't support policy api endpoint yet.

lghiur commented 2 years ago

@cuttingedge1109 thanks for pointing that out, we will work in removing the policies endpoint documentation!

oluwaseyeayinla commented 1 year ago

This was opened for release candidate version. Closing this thread as this already works in full release versions from 4.1.0 and above.

konsti commented 1 year ago

I use version 4.3.3, and this still does not work.

curl --location 'http://localhost:8888/tyk/policies' \
--header 'x-tyk-authorization: xxx' \
--header 'Content-Type: application/json' \
--data '{
    "id": "app_repository_jwt_policy",
    "name": "app_repository_jwt_policy",
    "org_id": "default",
    "rate": 1000,
    "per": 1,
    "quota_max": -1,
    "quota_renewal_rate": 60,
    "access_rights": {
      "app_repository_jwt": {
        "api_id": "app_repository_jwt",
        "versions": [
          "Default"
        ]
      }
    }
  }'

Response:

{
    "key": "app_repository_jwt_policy",
    "status": "ok",
    "action": "added"
}

List system policies:

curl --location 'http://localhost:8888/tyk/policies' \
--header 'x-tyk-authorization: xxx'

Response:

[]
konsti commented 1 year ago

It works after defining the policy_path in the tyk.conf. Otherwise, Tyk does not know how to save the policy.

It would be less irritating if the API returned an error if that setting was missing.

andyo-tyk commented 1 year ago

Hi @konsti

Thanks for reporting this - and the fix that you found!

We'll review the opportunity to improve the documentation to ensure that others don't hit this problem - and I've logged the suggestion of an error message which we will aim to implement when we have bandwidth.

We're always open to PRs from the community, if you fancy giving it a try to get this in more quickly?

Thanks for supporting Tyk!