Buttons on /sidekiq/scheduler return "Forbidden"


(Lutz Biermann) #1

I want to trigger the daily job for Badge-Grants. First idea was to use /sidekiq/scheduler and trigger Jobs::BadgeGrant. But “/sidekiq/scheduler/Jobs::BadgeGrant/trigger” gives “Forbidden” as Result (running as Administrator).

How can I trigger the job manually from the console? I think it should be something like ./launcher enter app - but no idea whats next.

Thanks for helping!


"Forbidden" on trying to control Sidekiq
(Sam Saffron) #2

It giving forbidden would be a bug, we need to investigate this.


(Lutz Biermann) #3

Just a quick update on this issue:

With the current version tests-passed v1.8.0.beta2 +60 each button on /sidekiq/scheduler returns the result “Forbidden”. I don’t know how it was before, but if there is a button, it should work.


(Mike Sider) #4

I also get the Forbidden message when doing this /sidekiq/scheduler/Jobs::VersionCheck/trigger

I also get these two warnings from the admin panel. I think they are related.

A check for updates has not been performed lately. Ensure sidekiq is running.

The number of queued jobs is 1154173, which is high. This could indicate a problem with the Sidekiq process(es), or you may need to add more Sidekiq workers.

Any help is appreciated.


(Jeff Atwood) #5

I got no repro on this, I just upgraded talk.commonmark.org to latest and all tabs of /sidekiq work fine for me.


(Lutz Biermann) #6

Jeff, I’ve tested a bit more and I think you can reproduce it. I used a fresh discourse installation. No plugins, latest version. I did it at home and it worked. Ok, I was confused. After some thought, I found the difference:

If I use Google Chrome, latest version 55.0.2883.87 m, no plugins, no add-blockers, the result from sidekick is “Forbidden”. Chrome Console: POST https://www.mydomain.com/sidekiq/scheduler/Jobs::CheckForSpamPosts/trigger 403 () It also don’t work on my mobile with google chrome.

But if I use Mozilla Firefox or Windows Edge on the same instance, everything works! No Problems at all. So the problem is quite clear Google Chrome.


(Jeff Atwood) #7

No repro. I use Chrome as well, current version, x64, no plugins.


(Lutz Biermann) #8

Hmm. I can repro it on two different instances with chrome mobile and chrome desktop. Mobile is on Samsung S6. Let me search a bit more over the weekend.


(Jeff Atwood) #9

Are you referring to simply visiting the Sidekiq top level tabs or some other action? Just clicking on all the Sidekiq top level tabs works fine for me in Chrome but I took no other actions beyond mindlessly clicking on each top level Sidekiq tab.


(Kane York) #10

He went to the “Scheduler” tab and tried to move one of the jobs up on the schedule by pressing Trigger.


(Lutz Biermann) #11

The tabs are working but the buttons at the scheduler not. To be exactly, they open a confirmation dialog and after clicking ok, the result is forbidden. But only with Google Chrome.


(Jeff Atwood) #12

In four years of using Discourse I have never, not once, needed to mess with Sidekiq jobs manually. So I suspect you have other problems.


(Felix Freiberger) #13

I cannot repro this on v1.8.0.beta1 +278, triggering works fine.


(Lutz Biermann) #14

Well. I can’t explain why it’s working for you. Its not an issue for me, since its works with Firefox.

This is the nginx-log if I do it with Firefox. Return is 302 and it works.

[21/Jan/2017:14:26:26 +0000] 178.202.82.52 "POST /sidekiq/scheduler/Jobs::PeriodicalUpdates/trigger HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0" "-" 302 1584 "https://www.[mydomain].com/sidekiq/scheduler" 0.011 0.011 "-"
[21/Jan/2017:14:26:26 +0000] 178.202.82.52 "GET /sidekiq/scheduler HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0" "-" 200 5763 "-" 0.110 0.110 "-"

This is the nginx-log on the same instance if I do it with Google Chrome. Return is 403 and it don’t work.

[21/Jan/2017:14:24:12 +0000] 178.202.82.52 "GET /sidekiq/scheduler HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" "-" 200 5748 "-" 0.118 0.118 "-"
[21/Jan/2017:14:24:17 +0000] 178.202.82.52 "POST /sidekiq/scheduler/Jobs::Heartbeat/trigger HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" "-" 403 1525 "https://www.[mydomain].com/sidekiq/scheduler" 0.009 0.009 "-"

This is what I do (any button will do, just pick one you like):
Step 1

Step 2

Step 3

I tried this on a fresh install of Discourse with latest test-passed-version. I tried Google Chrome on my Samsung S6, on Windows 10 with and without 64-Bit Chrome. I cleared Cookies and Cache. I have no Addons. Result: always forbidden. If I do exactly the some steps on Firefox/Internet Explorer/Edge it works.


(Felix Freiberger) #15

Curiously, I’ve been testing it in Chrome, too. :thinking:


(Sam Saffron) #16

The custom tab I wrote for sidekiq that displays list of schedules and allows you to click on a button to manually trigger a schedule is indeed broken, I will get around to fixing it


(Sam Saffron) #17

OK

I sat down to “fix” this and no longer have a repro on meta or discuss.samsaffron.com

Whatever is going on is specific to your install @Lutz

My guess is either there is some plugin interaction or something about your install is off.


(Alan Tan) #18

@Lutz The following wiki might be of help to you : Monitoring · mperham/sidekiq Wiki · GitHub


#19

I have the same issue, I take the plain Discourse image and on crome it is not possible I get the forbidden, when I use Firefox then is everything fine


(Fabian Santiago) #20

same exact issue here. works outside of chrome. i’m running discourse in a docker on centos 7.3 with nginx current mainline version.

discourse version v1.9.0.beta7 +10 .