pulp / pulp_rpm

RPM support for Pulp Platform
https://docs.pulpproject.org/pulp_rpm/
GNU General Public License v2.0

/pulp/api/v3/rpm/prune/ permissions and/or usage is unclear #3652

Open simenon opened 2 days ago

simenon commented 2 days ago

Version

```
"versions": {
    "deb": "3.3.0",
    "gem": "0.6.0",
    "rpm": "3.27.1",
    "core": "3.54.1",
    "file": "3.54.1",
    "maven": "0.8.1",
    "ostree": "2.4.0",
    "python": "3.11.1",
    "ansible": "0.22.0",
    "certguard": "3.54.1",
    "container": "2.20.0"
}
```

Describe the bug

If the user has the permission to view and modify, and calls the API, the user is not allowed to prune the packages. Instead a stacktrace shows in the logs:

```
2024-07-01T10:14:06.289909944+02:00 pulp [a5c25c8c514b4317bd2b9c1ff076a9d6]: django.request:ERROR: Internal Server Error: /pulp/api/v3/rpm/prune/
2024-07-01T10:14:06.289909944+02:00 Traceback (most recent call last):
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/django/core/handlers/exception.py", line 55, in inner
2024-07-01T10:14:06.289909944+02:00     response = get_response(request)
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/django/core/handlers/base.py", line 197, in _get_response
2024-07-01T10:14:06.289909944+02:00     response = wrapped_callback(request, *callback_args, callback_kwargs)
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/django/views/decorators/csrf.py", line 56, in wrapper_view
2024-07-01T10:14:06.289909944+02:00     return view_func(*args, *kwargs)
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/rest_framework/viewsets.py", line 124, in view
2024-07-01T10:14:06.289909944+02:00     return self.dispatch(request, args, kwargs)
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/rest_framework/views.py", line 509, in dispatch
2024-07-01T10:14:06.289909944+02:00     response = self.handle_exception(exc)
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/rest_framework/views.py", line 469, in handle_exception
2024-07-01T10:14:06.289909944+02:00     self.raise_uncaught_exception(exc)
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/rest_framework/views.py", line 480, in raise_uncaught_exception
2024-07-01T10:14:06.289909944+02:00     raise exc
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/rest_framework/views.py", line 497, in dispatch
2024-07-01T10:14:06.289909944+02:00     self.initial(request, *args, **kwargs)
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/rest_framework/views.py", line 415, in initial
2024-07-01T10:14:06.289909944+02:00     self.check_permissions(request)
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/rest_framework/views.py", line 332, in check_permissions
2024-07-01T10:14:06.289909944+02:00     if not permission.has_permission(request, self):
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/rest_access_policy/access_policy.py", line 69, in has_permission
2024-07-01T10:14:06.289909944+02:00     allowed = self._evaluate_statements(statements, request, view, action)
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/rest_access_policy/access_policy.py", line 113, in _evaluate_statements
2024-07-01T10:14:06.289909944+02:00     matched = self._get_statements_matching_conditions(
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/rest_access_policy/access_policy.py", line 262, in _get_statements_matching_conditions
2024-07-01T10:14:06.289909944+02:00     passed = self._check_condition(condition, request, view, action)
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/rest_access_policy/access_policy.py", line 286, in _check_condition
2024-07-01T10:14:06.289909944+02:00     result = method(request, view, action, arg)
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/pulpcore/app/global_access_conditions.py", line 375, in has_repository_model_or_domain_or_obj_perms
2024-07-01T10:14:06.289909944+02:00     return has_model_or_domain_perms(request, view, action, permission) or has_repository_obj_perms(
2024-07-01T10:14:06.289909944+02:00   File "/usr/local/lib/python3.9/site-packages/pulpcore/app/global_access_conditions.py", line 367, in has_repository_obj_perms
2024-07-01T10:14:06.289909944+02:00     plugin_repository = Repository.objects.get(pk=view.kwargs["repository_pk"]).cast()
2024-07-01T10:14:06.289909944+02:00 KeyError: 'repository_pk'
```

When running as admin I get an unclear response about GET not being allowed while it is a POST call being made:

```
2024-07-01T10:46:11.681521573+02:00 ('pulp [823adeb440d2463fbbc8f8509b8f5233]: ::ffff:127.0.0.1 - admin [01/Jul/2024:08:46:11 +0000] "POST /pulp/api/v3/rpm/prune?keep_days=1&dry_run=true&repo_hrefs=[%22%22] HTTP/1.0" 301 0 "-" "PostmanRuntime/7.39.0"',)
2024-07-01T10:46:12.083845797+02:00 pulp [dd2e7a5840fc4dcba15cdbaf50c3956f]: django.request:WARNING: Method Not Allowed: /pulp/api/v3/rpm/prune/
2024-07-01T10:46:12.085448171+02:00 ('pulp [dd2e7a5840fc4dcba15cdbaf50c3956f]: ::ffff:127.0.0.1 - admin [01/Jul/2024:08:46:12 +0000] "GET /pulp/api/v3/rpm/prune/?keep_days=1&dry_run=true&repo_hrefs=[%22%22] HTTP/1.0" 405 40 "http://repository.local/pulp/api/v3/rpm/prune?keep_days=1&dry_run=true&repo_hrefs=[%22*%22]" "PostmanRuntime/7.39.0"',)
```

To Reproduce

Call the prune API with a user that has view permissions and modify_repository_content.

Expected behavior

I would expect an appropriate error message (in case of not being allowed or a lack of permissions).

pulp/api/v3/docs/#tag/Rpm:-Prune is not really clear about whether additional permissions are required.

Additionally, I am not getting clear instructions on whether it should or should not work based on https://pulpproject.org/pulp_rpm/docs/user/guides/prune/?h=prune#output_1. The examples talk about a CLI option, but lack information about the API call.

Additional context

none
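
Added example (not part of the issue and not pulpcore's code): a simplified, framework-free model of the access condition in the traceback above, showing why an object-permission check that indexes `view.kwargs["repository_pk"]` turns a denial into a 500 on a route without that kwarg, next to a fail-closed variant. All class and function names, the permission string and the repository id are hypothetical, and denying when the kwarg is absent is an assumption about the desired behaviour, not the project's fix.

```python
from dataclasses import dataclass, field

@dataclass
class User:
    model_perms: set = field(default_factory=set)   # permissions held globally
    repo_perms: dict = field(default_factory=dict)  # repository pk -> permissions

@dataclass
class View:
    kwargs: dict = field(default_factory=dict)      # URL kwargs, as in DRF's view.kwargs

def obj_perms_unsafe(user, view, permission):
    # Mirrors the traceback: indexes a URL kwarg that the prune route does
    # not supply, so the check itself raises KeyError (surfacing as HTTP 500).
    repo_pk = view.kwargs["repository_pk"]
    return permission in user.repo_perms.get(repo_pk, set())

def obj_perms_fail_closed(user, view, permission):
    # Hypothetical hardening: no repository in the URL means there is no
    # object to check, so deny and let the framework answer with a 403.
    repo_pk = view.kwargs.get("repository_pk")
    if repo_pk is None:
        return False
    return permission in user.repo_perms.get(repo_pk, set())

def check(user, view, permission, obj_check):
    # Model-level grant first, then object-level, like the `or` in the traceback.
    return permission in user.model_perms or obj_check(user, view, permission)

def demo():
    perm = "constructed.modify_perm"                  # constructed permission name
    prune_view = View(kwargs={})                      # route without repository_pk
    nested_view = View(kwargs={"repository_pk": "repo-1"})
    obj_user = User(repo_perms={"repo-1": {perm}})    # object-level grant only
    admin = User(model_perms={perm})                  # model-level grant
    try:
        check(obj_user, prune_view, perm, obj_perms_unsafe)
        unsafe = "no exception"
    except KeyError:
        unsafe = "KeyError"
    return {
        "unsafe_on_prune": unsafe,
        "fail_closed_on_prune": check(obj_user, prune_view, perm, obj_perms_fail_closed),
        "nested_route": check(obj_user, nested_view, perm, obj_perms_fail_closed),
        "admin_on_prune": check(admin, prune_view, perm, obj_perms_unsafe),
    }

if __name__ == "__main__":
    print(demo())
```

In this model the model-level grant short-circuits the `or`, so only users relying on object-level permissions reach the failing lookup.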