Closed bartjkdp closed 4 years ago
@bartjkdp We cannot reproduce this behaviour.
We tried with the latest Dockers (ZTC digest: 44eee8f373c0, ZRC digest: caec4fd51344) and setup the proper authentications. We also tried it against the deployed reference implementation.
Here's the steps we took:
Create a Zaak Zaaktype: Melding openbare ruimte
POST /api/v1/zaken
Authorization: Bearer <TOKEN>
Content-Type: application/json
Accept-Crs: EPSG:4326
Content-Crs: EPSG:4326
{
"bronorganisatie": "509381406",
"omschrijving": "test",
"zaaktype": "https://catalogi-api.vng.cloud/api/v1/zaaktypen/c2f952ca-298e-488c-b1be-a87f11bd5fa2",
"verantwoordelijkeOrganisatie": "245122461",
"startdatum": "2018-12-06",
"toelichting": "Zaak aanmaken test"
}
HTTP 201
{
"url": "https://zaken-api.vng.cloud/api/v1/zaken/7765c44d-528d-46d9-8589-4bb0a90819fe",
"uuid": "7765c44d-528d-46d9-8589-4bb0a90819fe",
"identificatie": "ZAAK-2019-0000000663",
"bronorganisatie": "509381406",
...
}
If the above step succeeds, there should be no reason for ROL-create to fail since the authorizations that are used are the same. If the above fails, your config is wrong. If this succeeds and ROL-create fails something is off :/
Create a Status Status: Leeg
POST /api/v1/statussen
Authorization: Bearer <TOKEN>
Content-Type: application/json
{
"zaak": "https://zaken-api.vng.cloud/api/v1/zaken/7765c44d-528d-46d9-8589-4bb0a90819fe",
"statustype": "https://catalogi-api.vng.cloud/api/v1/statustypen/b59f487b-74c3-45f3-9130-24b2040bb1f6",
"datumStatusGezet": "2019-10-14T04:56:48+02:00",
"statustoelichting": "Test"
}
HTTP 201
...
Just for sanity reasons. We give it a Status of Statustype "Leeg" which is part of this Zaaktype!
Create a Rol Roltype: Behandelaar
POST /api/v1/rollen
Authorization: Bearer <TOKEN>
Content-Type: application/json
{
"zaak": "https://zaken-api.vng.cloud/api/v1/zaken/7765c44d-528d-46d9-8589-4bb0a90819fe",
"betrokkene": "",
"betrokkeneType": "natuurlijk_persoon",
"roltype": "https://catalogi-api.vng.cloud/api/v1/roltypen/e25850c8-8ae8-4b73-b000-5d22229dc70d",
"omschrijving": "Aanvrager",
"omschrijvingGeneriek": "initiator",
"roltoelichting": "De melder van de Zaak",
"betrokkeneIdentificatie": {
"inpBsn": "900106505",
"anpIdentificatie": "",
"inpA_nummer": "",
"geslachtsnaam": "",
"voorvoegselGeslachtsnaam": "",
"voorletters": "",
"voornamen": "",
"geslachtsaanduiding": "",
"geboortedatum": "",
"verblijfsadres": null,
"subVerblijfBuitenland": null
}
}
HTTP 201
...
We add a Betrokenne to the Zaak with Roltype "Behandelaar" which is part of this Zaaktype! If it's not part of this Zaaktype, you'll get a HTTP 400 error.
This might or might not be related but @bartjkdp indicated he got this response if he deletes the External API credentials.
{
"type": "https://gemma-zrc.zgw.s-hertogenbosch.dev/ref/fouten/ValidationError/",
"code": "invalid",
"title": "Invalid input.",
"status": 400,
"detail": "",
"instance": "urn:uuid:2691feac-e88b-4c05-8333-048177cdcc72",
"invalidParams": [
{
"name": "roltype",
"code": "bad-url",
"reason": "De URL https://gemma-ztc.zgw.s-hertogenbosch.dev/api/v1/roltypen/8b8a05e8-9b2f-4b46-8b2f-a3e0ae8849c9 gaf als antwoord HTTP 403. Geef een geldige URL op."
},
{
"name": "roltype",
"code": "bad-url",
"reason": "De URL https://gemma-ztc.zgw.s-hertogenbosch.dev/api/v1/roltypen/8b8a05e8-9b2f-4b46-8b2f-a3e0ae8849c9 gaf als antwoord HTTP 403. Geef een geldige URL op."
}
]
}
Basically, the same error but twice. This might indicate that the validation is performed twice:
Validation 2 fails even when External API credentials are configured. If External API credentials are not configured, both 1 and 2 validation rules fail. How and why validation is triggered twice is, is a mystery...
We can't reproduce https://github.com/VNG-Realisatie/gemma-zaken/issues/1375#issuecomment-547966213 either.
I think there's something wrong with the setup but can't pinpoint it :/
I will do some more debugging on the specific setup next week. The whole setup can be replicated by cloning this repository: https://gitlab.com/delta10/zgw-2 and run:
vagrant up
and performing the installation steps as described in the README.md.
Please reopen if the issue remains.
It seems that when creating a new role through the ZRC API, calls to the ZTC are not correctly authenticated:
A call to
POST /api/v1/rollen
with body:Results in the following error:
In the ZRC the external credentials of
https://gemma-ztc.zgw.somedomain.dev/api/v1/
are configured correctly and a direct call to https://gemma-ztc.zgw.somedomain.dev/api/v1/roltypen/8b8a05e8-9b2f-4b46-8b2f-a3e0ae8849c9 with the same credentials succeeds.Version used: 1.0.0-rc1