Closed Kaefermade closed 1 year ago
Hi, the authorization is checked against the Description field and when your are not using english, you will get the error.
Better is to check against the ObjectId:
def _has_download_authorization():
global _HAS_DOWNLOAD_AUTHORIZATION
if _HAS_DOWNLOAD_AUTHORIZATION is None:
user_attributes = _request(C.URL_ACCOUNT_ATTRIBUTES).json()
sid = user_attributes['uid']
url = C.URL_SERVICE_USER_ADMIN + f"/UserSet('{sid}')/UserExistingAuthorizationsSet"
j = _request(url, headers={'Accept': 'application/json'}).json()
authorization_descs = [r['ObjectId'] for r in j['d']['results']]
_HAS_DOWNLOAD_AUTHORIZATION = "SWDOWNLOAD" in authorization_descs
return _HAS_DOWNLOAD_AUTHORIZATION
Best regards, Dirk
@Kaefermade Please excuse the delay, I have been OOO for weeks
Thanks for the GH Issue, it has reminded me that I did not copy/paste the FAQ for these common errors into this repo. For now you can see them under the Terraform Templates repo (which leverages the auto-downloads) > terraform.templates_for_sap -- /docs/FAQ.md#common-errors
When the prefix "An exception has occurred - "
is used, it is passing the direct error message from SAP.com and is the catch-all. You can see this on this line of code: software_center_download.py#L158
Unfortunately, this is not something I will debug as it would require your credentials and I would never accept that responsibility. Execution manually of the Python code is possible and commented-out code in this example that will turn on debugging to show all API traffic: see EXEC_EXAMPLES.md#execution-example-with-python-environment. With debugging enabled it would reveal what is happening, but please be careful when copy/pasting as it may contain sensisitive data.
OK bit strange to get a comment from @dirktimmer seconds after I open this GH Issue and reply, but I'll take it -- that is an excellent catch by Dirk!
..... reviewing JSON payloads again, will alter my language to compare but I like the suggested solution
There are two objects returned for SAP Software Download authorization:
[
{
"UserId": "S0000000000",
"ObjectId": "SWDOWNLOAD",
"ObjectDesc": "Software Download",
"Field": "GLOBAL",
"FieldDesc": "Global",
"Value": "",
"ValueDescription": "",
"ValueType": "",
"InstallationUser": "",
"InstallationUserDesc": "",
"AuthLevelId": "G_SOFTDOWN",
"AuthLevelDesc": ""
},
{
"UserId": "S0000000000",
"ObjectId": "G_SOFTDOWN",
"ObjectDesc": "Software Download",
"Field": "",
"FieldDesc": "",
"Value": "",
"ValueDescription": "",
"ValueType": "",
"InstallationUser": "",
"InstallationUserDesc": "",
"AuthLevelId": "group",
"AuthLevelDesc": ""
}
]
Yes, I can see it in my payload also. But i think the first is refering to the second one. From where you got the acces rights. In the first is the "AuthLevelId": "G_SOFTDOWN" what is in the second the ObjectId. In my ObjectDesc the value is 'Software herunterladen' (german).
Agree, there is definitely a parent-child relationship between the objects. However I would prefer to cover all scenarios as I cannot be familiar with all permutations of authorizations in different SAP Company Numbers (SCN), different SAP User IDs, and different languages.
it is possible
G_SOFTDOWN
is a subset auth to allow certain download access, and the user would not have access toSWDOWNLOAD
Committing a fix, then creating a dev
branch which I meant to do a while ago
@Kaefermade please test again and close this GH Issue if now working. Big thanks to @dirktimmer for finding this blind spot 👍
Works like a charm now. Thank you. :)
Thanks for test confirming. For future reference, could also force language to English but this may have unexpected consequences
j = _request(url, headers={'Accept': 'application/json'}, params={'sap-language': 'en'}).json()
EDIT: Also added FAQ
I'm trying to use the software_center_download module as part of my playbook. But it fails with the following message:
"An exception has occurred - You do not have proper authorization to download software, please check: https://launchpad.support.sap.com/#/user/authorizations"
First of all I've checked the permissions, my S-User has. They are correctly set and I'm able to download software from SAP using a browser. As suggested when using an Universal ID I also reset my Account Password without any difference. So I tried it again with an S-User of my colleague which has super admin rights and the module worked as expected. His S-User uses a Universal ID, too. The only difference are those super admin rights, which shouldn't prevent me from downloading.
Any ideas how to fix this?