POST contacts via JSON:API fails with 403 status code (intermittently)

Created on 26 June 2023, 12 months ago
Updated 27 June 2023, 12 months ago

Problem/Motivation

Repeated posting a redhen contact via the json:api succeeds for exactly 10 times.
The 11th attempt fails with 403 status code.
After waiting for 120 seconds, the next 10 POSTs succeed again.
BasicAuth is used, user account has the ncecessary permissions, also affects user 1.
This happens with contacts only, organizations or connections are not affected.

Steps to reproduce


POST with postman or any other client, 11 times
Request header:
'Accept': 'application/vnd.api+json',
'Content-Type': 'application/vnd.api+json'


Example request body:
{"data": {"type": "redhen_contact--crm_cont_pers", "attributes": {"first_name": "John", "middle_name": null, "last_name": "Smith", "email": null}}}

Example response on{
"jsonapi": {
"version": "1.0",
"meta": {
"links": {
"self": {
"href": "http://jsonapi.org/format/1.0/"
}
}
}
},
"data": {
"type": "redhen_contact--testcontact",
"id": "3ae37931-4216-465e-99e1-261813e56372",
"links": {
"self": {
"href": "https://test.example.com/jsonapi/redhen_contact/testcontact/3ae37931-421..."
}
},
"attributes": {
"drupal_internal__id": 1007,
"drupal_internal__revision_id": 1007,
"langcode": "de",
"first_name": "John",
"middle_name": null,
"last_name": "Smith",
"email": null,
"status": true,
"created": "2023-06-27T08:20:28+00:00",
"changed": "2023-06-27T08:20:28+00:00"
},
"relationships": {
"redhen_contact_type": {
"data": {
"type": "redhen_contact_type--redhen_contact_type",
"id": "5afeb9a4-5223-4c87-a17d-c01ab9e3dd41",
"meta": {
"drupal_internal__target_id": "testcontact"
}
},
"links": {
"related": {
"href": "https://test.example.com/jsonapi/redhen_contact/testcontact/3ae37931-421..."
},
"self": {
"href": "https://test.example.com/jsonapi/redhen_contact/testcontact/3ae37931-421..."
}
}
},
"uid": {
"data": null,
"links": {
"related": {
"href": "https://test.example.com/jsonapi/redhen_contact/testcontact/3ae37931-421..."
},
"self": {
"href": "https://test.example.com/jsonapi/redhen_contact/testcontact/3ae37931-421..."
}
}
}
}
},
"links": {
"self": {
"href": "https://test.example.com/jsonapi/redhen_contact/testcontact"
}
}
} request #1-10, status code 201 - works as expected :
{
"jsonapi": {
"version": "1.0",
"meta": {
"links": {
"self": {
"href": "http://jsonapi.org/format/1.0/"
}
}
}
},
"data": {
"type": "redhen_contact--testcontact",
"id": "3ae37931-4216-465e-99e1-261813e56372",
"links": {
"self": {
"href": "https://test.example.com/jsonapi/redhen_contact/testcontact/3ae37931-421..."
}
},
"attributes": {
"drupal_internal__id": 1007,
"drupal_internal__revision_id": 1007,
"langcode": "de",
"first_name": "John",
"middle_name": null,
"last_name": "Smith",
"email": null,
"status": true,
"created": "2023-06-27T08:20:28+00:00",
"changed": "2023-06-27T08:20:28+00:00"
},
"relationships": {
"redhen_contact_type": {
"data": {
"type": "redhen_contact_type--redhen_contact_type",
"id": "5afeb9a4-5223-4c87-a17d-c01ab9e3dd41",
"meta": {
"drupal_internal__target_id": "testcontact"
}
},
"links": {
"related": {
"href": "https://test.example.com/jsonapi/redhen_contact/testcontact/3ae37931-421..."
},
"self": {
"href": "https://test.example.com/jsonapi/redhen_contact/testcontact/3ae37931-421..."
}
}
},
"uid": {
"data": null,
"links": {
"related": {
"href": "https://test.example.com/jsonapi/redhen_contact/testcontact/3ae37931-421..."
},
"self": {
"href": "https://test.example.com/jsonapi/redhen_contact/testcontact/3ae37931-421..."
}
}
}
}
},
"links": {
"self": {
"href": "https://test.example.com/jsonapi/redhen_contact/testcontact"
}
}
}

Response on request #11:


403 Forbidden

Forbidden

You don't have permission to access this resource.

Additionally, a 403 Forbidden
error was encountered while trying to use an ErrorDocument to handle the request.

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

πŸ› Bug report
Status

Active

Version

2.0

Component

Contacts

Created by

πŸ‡¨πŸ‡­Switzerland jreinholdt

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.69.0 2024