Closed kennsippell closed 2 months ago
Also impacting tharakanithi. Blocking from checking other instances due to the *-echis.health cable cut
Fixed for Kajiado and Tharaka Nithi. Leaving this open because I'm blocked fixing the *-echis.health instances.
I searched for misconfigured users via:
curl -X POST https://nandi.echis.go.ke/_users/_find -d '{"selector":{"$and":[{"roles":{"$elemMatch":{"$eq":"user_manager"}}},{"roles":{"$allMatch":{"$ne":"mm-online"}}}]}}' -H 'Content-Type: application/json'
I fixed misconfigured users via:
curl -X POST https://kajiado.echis.go.ke/api/v1/users/user_manager_name -d '{ "roles": [ "user_manager", "mm-online" ]}' -H 'Content-Type: application/json'
Fixed another 25 users on training-1 instance
Another batch fixed on chis-staging.health.go.ke
If you POST to
/api/v2/users
and create a user with an online role, then it will automatically be assignedmm-online
role. Users on most instances (eg. Busia) have the mm-online role and are working fine. Users created on the kajiado instance do not have mm-online role and are therefore experiencing 403 errors for routine tasks.The most likely cause here was that the eCHIS config with the
user_manager
role wasn't uploaded to the instance at the time the users were created.