Open mjangle opened 1 year ago
Issue was resolved by removing existing ./influxdbv2 folder stored in the user directory and doing a fresh setup.
For anyone in the future having this issue this was resolved by removing the ./ingluxdbv2 folder in my user directory, restarting influxd, using the CLI to do initial setup .
Suggest updating documentation here to reflect the need to do initial setup via the CLI or removing the ability to setup via the UI.
@jeffreyssmith2nd
hi @jeffreyssmith2nd
the issue still exists in v2.6.1 - im using podman:
InfluxDB v2.6.1Server: 9dcf880 Frontend: 5ba8e15
when looking at the authlist I can see that I have both read and write priv for user:
# influx auth list
ID Description Token User Name User ID Permissions
my_id admin my_token admin my_uid [read:/users/uidwrite:/users/uid]
and when checking the config I can see that it's active:
# influx config ls
Active Name URL Org
* default http://localhost:8086 my_org
and the config "/etc/influxdb2/influx-configs" reads as follows:
# cat influx-configs
[default]
url = "http://localhost:8086"
token = "my_token"
org = "my_org"
active = true
and checking the validity of the token:
# influx user list -t my_token
ID Name
my_uid admin
Any idea when there will be fix?
Also when is user creation moving to the frontend?
:)
Unfortunately it's misleading, but creating users requires the read:/users
and write:/users
permission. It does not work with org scoped access (read:/users/org
and write:/users/org
).
Unfortunately it's misleading, but creating users requires the
read:/users
andwrite:/users
permission. It does not work with org scoped access (read:/users/org
andwrite:/users/org
).
Apologies I got it wrong I have this:
ID Description Token User Name User ID Permissions
my_id admin my_token admin my_uid [read:/users/my_uid write:/users/my_uid]
And a cap from the UI: So if this is correct what can be done to fix the error?
found the issue
if you delete the admin token and recreate it in the UI it does not create a token with read:/users write:/users
as a resource
can this be fixed please
We were able to create a new user if the config is not scoped to an organization:
.\influx config create --config-name onboarding `
--host-url "https://[...]" `
--token "[...]==" `
--active
Steps to reproduce: List the minimal actions needed to reproduce the behavior.
Expected behavior:
I expect to be able to create new users
Actual behavior:
I receive "Error: failed to create user "username": 401 Unauthorized: write:users is unauthorized"
Environment info:
The generated token and CLI config does connect to the DB as I can use
influx bucket list
and it will return the correct buckets, orinflux user list
and it will return a list of users (single user). Attempting to generate an all access token via the CLI detailed here does not work and I receive a "403 Forbidden: permission read:users is not allowed" error