REST 2.0 and creating users

Hi, I’m having trouble creating users via the REST 2.0 interface in RT 5.0.0

I’m posting the following JSON to /user, but I always get the response “Could not create user”:
{ “EmailAddress”: “none@company.com.au”,
“RealName”: “A Person”,
“Disabled”: “0”,
“id”: “user/new”,
“Gecos”: “aperson”,
“Name”: “aperson”
}

I’m authenticating using a token for ‘root’.

From looking at the source code, I can see the message comes from RT, as opposed to the REST extension. I’ve tried many combinations of parameters, but none work. I know not all the above are mandatory.

Is there any resource to determine what parameters are accepted?
What am I doing wrong?

Take a look in your logs and see if there’s a warning from RT - looking in lib/RT/User.pm for RT 5.0.0 all bar one of the places that generates the ``Could not create user" message also log a critical warning which might help you find what aspect is going wrong.

Also I’m not sure if you need the id field for REST2.0 user creation - you don’t for creating tickets.

I’ve anonymised the log, but here it is:
[26784] [Tue Dec 15 23:11:49 2020] [info]: RT::User::CanonicalizeUserInfoFromExternalAuth returning Disabled: , EmailAddress: none@company.com, Gecos: NSURNAME, Name: NSURNAME, NickName: , Privileged: , RealName: Not Anthony, token: (/app/rt5/sbin/…/lib/RT/User.pm:975)
[26784] [Tue Dec 15 23:11:49 2020] [warning]: DBD::mysql::st execute failed: Unknown column ‘token’ in ‘field list’ at /usr/local/share/perl5/DBIx/SearchBuilder/Handle.pm line 603. (/usr/local/share/perl5/DBIx/SearchBuilder/Handle.pm:603)
[26784] [Tue Dec 15 23:11:49 2020] [warning]: RT::Handle=HASH(0xac78120) couldn’t execute the query ‘INSERT INTO Users (NickName, RealName, EmailAddress, Creator, Gecos, Password, LastUpdatedBy, Created, id, Name, token, LastUpdated) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)’ at /usr/local/share/perl5/DBIx/SearchBuilder/Handle.pm line 616.
DBIx::SearchBuilder::Handle::SimpleQuery(‘RT::Handle=HASH(0xac78120)’, ‘INSERT INTO Users (NickName, RealName, EmailAddress, Creator,…’, ‘’, ‘Not Anthony’, ‘none@company.com’, 14, ‘NSURNAME’, ‘NO-PASSWORD’, 14, …) called at /usr/local/share/perl5/DBIx/SearchBuilder/Handle.pm line 369
DBIx::SearchBuilder::Handle::Insert(‘RT::Handle=HASH(0xac78120)’, ‘Users’, ‘NickName’, ‘’, ‘RealName’, ‘Not Anthony’, ‘EmailAddress’, ‘none@company.com’, ‘Creator’, …) called at /usr/local/share/perl5/DBIx/SearchBuilder/Handle/mysql.pm line 36
DBIx::SearchBuilder::Handle::mysql::Insert(‘RT::Handle=HASH(0xac78120)’, ‘Users’, ‘NickName’, ‘’, ‘RealName’, ‘Not Anthony’, ‘EmailAddress’, ‘none@company.com’, ‘Creator’, …) called at /usr/local/share/perl5/DBIx/SearchBuilder/Record.pm line 1320
DBIx::SearchBuilder::Record::Create(‘RT::User=HASH(0xd663a38)’, ‘NickName’, ‘’, ‘RealName’, ‘Not Anthony’, ‘Creator’, 14, ‘EmailAddress’, ‘none@company.com’, …) called at /app/rt5/sbin/…/lib/RT/Record.pm line 316
RT::Record::Create(‘RT::User=HASH(0xd663a38)’, ‘id’, 274, ‘NickName’, ‘’, ‘RealName’, ‘Not Anthony’, ‘EmailAddress’, ‘none@company.com’, …) called at /app/rt5/sbin/…/lib/RT/User.pm line 196
RT::User::Create(‘RT::User=HASH(0xd663a38)’, ‘NickName’, ‘’, ‘Privileged’, 0, ‘RealName’, ‘Not Anthony’, ‘EmailAddress’, ‘none@company.com’, …) called at /app/rt5/sbin/…/lib/RT/REST2/Resource/Record/Writable.pm line 423
RT::REST2::Resource::Record::Writable::create_record(‘RT::REST2::Resource::User=HASH(0xaea8d88)’, ‘HASH(0xd652340)’) called at /app/rt5/sbin/…/lib/RT/REST2/Resource/Record/Writable.pm line 442
RT::REST2::Resource::Record::Writable::create_resource(‘RT::REST2::Resource::User=HASH(0xaea8d88)’, ‘HASH(0xd652340)’) called at /app/rt5/sbin/…/lib/RT/REST2/Resource/Record/Writable.pm line 161
RT::REST2::Resource::Record::Writable::from_json(‘RT::REST2::Resource::User=HASH(0xaea8d88)’) called at /usr/local/share/perl5/Web/Machine/FSM/States.pm line 613
Web::Machine::FSM::States::n11(‘RT::REST2::Resource::User=HASH(0xaea8d88)’, ‘Plack::Request=HASH(0xacaff70)’, ‘Plack::Response=HASH(0xb3cdcb0)’, ‘HASH(0xb3c85e8)’) called at /usr/local/share/perl5/Web/Machine/FSM.pm line 62
Web::Machine::FSM::try {…} () called at /usr/local/share/perl5/Try/Tiny.pm line 102
eval {…} called at /usr/local/share/perl5/Try/Tiny.pm line 93
Try::Tiny::try(‘CODE(0xac74d40)’, ‘Try::Tiny::Catch=REF(0xd3fa240)’) called at /usr/local/share/perl5/Web/Machine/FSM.pm line 129
Web::Machine::FSM::run(‘Web::Machine::FSM=HASH(0xacaff58)’, ‘RT::REST2::Resource::User=HASH(0xaea8d88)’) called at /usr/local/share/perl5/Web/Machine.pm line 93
Web::Machine::call(‘Web::Machine=HASH(0xad06708)’, ‘HASH(0xd620fe8)’) called at /app/rt5/sbin/…/lib/RT/REST2/Dispatcher.pm line 117
RT::REST2::Dispatcher::ANON(‘HASH(0xd620fe8)’) called at /app/rt5/sbin/…/lib/RT/REST2/Middleware/Auth.pm line 70
RT::REST2::Middleware::Auth::call(‘RT::REST2::Middleware::Auth=HASH(0xac39fe0)’, ‘HASH(0xd620fe8)’) called at /usr/local/share/perl5/Plack/Component.pm line 50
Plack::Component::ANON(‘HASH(0xd620fe8)’) called at /app/rt5/sbin/…/lib/RT/REST2/Middleware/Log.pm line 65
RT::REST2::Middleware::Log::call(‘RT::REST2::Middleware::Log=HASH(0xac3e6a0)’, ‘HASH(0xd620fe8)’) called at /usr/local/share/perl5/Plack/Component.pm line 50
Plack::Component::ANON(‘HASH(0xd620fe8)’) called at /app/rt5/sbin/…/lib/RT/REST2/Middleware/ErrorAsJSON.pm line 62
RT::REST2::Middleware::ErrorAsJSON::call(‘RT::REST2::Middleware::ErrorAsJSON=HASH(0xac3e838)’, ‘HASH(0xd620fe8)’) called at /usr/local/share/perl5/Plack/Component.pm line 50
Plack::Component::ANON(‘HASH(0xd620fe8)’) called at /usr/local/share/perl5/Plack/App/URLMap.pm line 71
Plack::App::URLMap::call(‘Plack::App::URLMap=HASH(0xa40e6e8)’, ‘HASH(0xd620fe8)’) called at /usr/local/share/perl5/Plack/Component.pm line 50
Plack::Component::ANON(‘HASH(0xd620fe8)’) called at /usr/local/share/perl5/Plack/Util.pm line 145
eval {…} called at /usr/local/share/perl5/Plack/Util.pm line 145
Plack::Util::run_app(‘CODE(0xa6f7388)’, ‘HASH(0xd620fe8)’) called at /usr/local/share/perl5/Plack/Handler/FCGI.pm line 147
Plack::Handler::FCGI::run(‘Plack::Handler::FCGI=HASH(0xac477f0)’, ‘CODE(0xa6f7388)’) called at /usr/local/share/perl5/Plack/Loader.pm line 84
Plack::Loader::run(‘Plack::Loader=HASH(0xa6cccb0)’, ‘Plack::Handler::FCGI=HASH(0xac477f0)’) called at /usr/local/share/perl5/Plack/Runner.pm line 279
Plack::run(‘RT::PlackRunner=HASH(0xa40cbe0)’) called at /app/rt5/sbin/…/lib/RT/PlackRunner.pm line 150
eval {…} called at /app/rt5/sbin/…/lib/RT/PlackRunner.pm line 150
RT::PlackRunner::run(‘RT::PlackRunner=HASH(0xa40cbe0)’) called at /app/rt5/sbin/rt-server.fcgi line 162 (/usr/share/perl5/vendor_perl/Carp.pm:103)
[26784] [Tue Dec 15 23:11:49 2020] [error]: Could not create a new user - NickName–RealName-Not Anthony-EmailAddress-none@company.com-Gecos-NSURNAME-Password-NO-PASSWORD-Name-NSURNAME-token- (/app/rt5/sbin/…/lib/RT/User.pm:202)

It appears to be getting all the way to the SQL INSERT, which is failing. The field that stands out is ‘token’ which, although I can’t check yet, doesn’t look like a user field. token was passed as part of the URL.

I can confirm the above will result in a failed create

curl --location --request POST 'http://MyRT/REST/2.0/user' \
--header 'Authorization: Basic cm9vdDpwYXNzd29yZA==' \
--header 'Content-Type: application/json' \
--data-raw '{ "EmailAddress": "none@company.com.au",
"RealName": "A Person",
"Disabled": "0",
"Gecos": "aperson",
"Name": "aperson"
}'

works for me

So I’m struggling with two issues here. One is that I can only manage to authenticate using ‘?token=’ in the URL (not as a header), and the second is that when I put ?token into the URL, it makes it through to the SQL INSERT. So…

curl -X POST -H “Content-Type: application/json” -H “Authorization: token #token#>” -d ‘{ “EmailAddress”: “test@mctestington.com”, “Name”: “aperson”}’ ‘http://URL/REST/2.0/user’

Fails with an unauthorized error, whilst:

curl -X POST -H “Content-Type: application/json” -d ‘{ “EmailAddress”: “test@mctestington.com”, “Name”: “aperson”}’ ‘http://URL/REST/2.0/user?token=#token#’

Fails with logged entry:
[Wed Dec 16 04:43:39 2020] [warning]: RT::Handle=HASH(0xba84860) couldn’t execute the query ‘INSERT INTO Users (EmailAddress, Creator, Password, LastUpdatedBy, Created, id, token, Name, LastUpdated) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)’ at /usr/local/share/perl5/DBIx/SearchBuilder/Handle.pm line 616.

Which appears to be attempting to insert data into the field ‘token’ in Users, which does not exist.

(Note: using http temporarily to allow capturing of web requests)

You may need to add this apache config

https://docs.bestpractical.com/rt/5.0.0/web_deployment.html#Token-Authentication

That’s interesting. I’ll get that put in when we get back to work in January.

Thanks