Found this out while writing a request to change the tags on a topic.
Basically, this doesn’t work:
    PUT /t/123.json?api_username=...&api_key=...
    {
      tags: ['a']
    }
The server responds with:
    403
    {
      "errors": [
        "You are not permitted to view the requested resource."
      ],
      "error_type": "invalid_access"
    }
However, if you put the topic slug on the URL, everything works fine (i.e. PUT /t/why-arent-there-better-animals/123.json?api_username=...&api_key=...)
This is inconsistent with the other topic API methods which do not require a slug, and differs from the behavior described in the API documentation: Discourse API Documentation
1 Like
riking
(Kane York)
September 24, 2016, 12:09 AM
2
Does it work if you use a wrong slug?
2 Likes
fefrei
(Felix Freiberger)
September 27, 2016, 10:06 AM
3
I’m pretty sure the answer is No, based on previous testing, but I don’t have the time to reproduce this right now.
1 Like
blake
(Blake Erickson)
September 27, 2016, 12:21 PM
4
Yes it appears that you need the slug to be present to make the PUT request on topics and you can use the wrong slug and it will work fine.
See my demo:
4 Likes
riking
(Kane York)
September 27, 2016, 4:47 PM
5
Okay, so just hardcode a slug of a single dash
4 Likes
That’s fine for a workaround but it’s still a bug.
1 Like
How is that a bug and not required syntax?
To work as expected routing depends on URLs to be in a certain format.
So this seems more like “change the way the API works with improper URLs” feature request than a bug to me.
3 Likes
Well, none of the other topic API methods require that, so I’d call it a bug.
2 Likes
Put differently, why is it reasonable for GET /t/:topicId to work and DELETE /t/:topicId to work and PUT /t/:topicId to not work?
4 Likes
I edited the original topic to clarify why this is a bug, but I’d like to highlight that the API documentation itself states that this should work:
Discourse API
Please view the Discourse API Documentation site for detailed info:
https://docs.discourse.org
Deprecation Warning!
On April 6th, 2020 we dropped support for all non-HTTP header based authentication (excluding some rss, mail-receiver, and ics routes). This means that API requests that have an api_key and api_username in the query params or in the HTTP body of the request will soon stop working. Please see the example cURL request below for how to update your API requ…
I think my previous point is relevant as well.
2 Likes
sam
(Sam Saffron)
September 28, 2016, 8:45 AM
11
This does not meet our definition of bug but I am totally fine for a PR that cleans this up cause it would simplify the API.
2 Likes
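An added example, not code from this thread or from Discourse: a small helper that rewrites the failing request from the first post into the form the thread converges on, inserting the single-dash placeholder slug and moving the credentials out of the query string into headers as the quoted deprecation notice requires. The host, credential values and function name are hypothetical; the `Api-Key` and `Api-Username` header names are Discourse's header-based authentication, and the request is only built, never sent.

```python
import json
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit
from urllib.request import Request

PLACEHOLDER_SLUG = "-"  # workaround from the thread: any slug was accepted
_SLUGLESS_TOPIC = re.compile(r"^/t/(\d+)(\.json)?$")
_CRED_PARAMS = {"api_key": "Api-Key", "api_username": "Api-Username"}


def build_topic_put(legacy_url, payload):
    """Build a PUT Request from a legacy-style topic URL (hypothetical helper).

    - api_key / api_username move from the query string to HTTP headers
    - a slug-less /t/<id>[.json] path gets the placeholder slug inserted
    """
    parts = urlsplit(legacy_url)
    headers = {"Content-Type": "application/json"}
    kept = []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name in _CRED_PARAMS:
            headers[_CRED_PARAMS[name]] = value
        else:
            kept.append((name, value))
    missing = [h for h in _CRED_PARAMS.values() if h not in headers]
    if missing:
        raise ValueError(f"missing credentials: {missing}")

    path = parts.path
    match = _SLUGLESS_TOPIC.match(path)
    if match:  # paths that already carry a slug are left untouched
        path = f"/t/{PLACEHOLDER_SLUG}/{match.group(1)}{match.group(2) or ''}"

    url = urlunsplit((parts.scheme, parts.netloc, path, urlencode(kept), ""))
    body = json.dumps(payload).encode()
    return Request(url, data=body, headers=headers, method="PUT")


if __name__ == "__main__":
    # Constructed input: host and credentials are placeholders.
    req = build_topic_put(
        "https://forum.example/t/123.json?api_username=system&api_key=PLACEHOLDER",
        {"tags": ["a"]},
    )
    print(req.get_method(), req.full_url)
    print(sorted(req.header_items()))
```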