0 Replies Latest reply on Jan 27, 2016 1:52 PM by butch

    "Private Group -> Project" -> Add Stream Tile -> Post using Stream Tile Access Token -> bug

    butch

      Coming across a crazy bug that I can reliability reproduce.

       

      The Bug

       

      1) Post to a project stream tile using OAuth token obtained from the stream tiles code.

      2) The server will respond with 403 You are not allowed to perform this request

      3) But... the post is there!

       

      Setup Preconditions

       

      1) Create a Group

      2) Set the Group to private

      3) Create a Project under that group

      4) Add a Stream Tile to that project

      5) Post to that Stream Tile under the project using the OAuth token from the stream (bearer header)

       

      --> Stream Tiles OAuth token returns 403 You are not allowed to perform this request

       

      R78XCVj.gif

       

      5) Set the group to public

       

      --> Stream tile OAuth token returns 200

       

      JeXd8Qw.gif

       

      6) Set the group back to private

       

      --> Stream tile once again returns 403 You are not allowed to perform this request

       

       

      Yes - I've tried adding/removing the stream tile when private/public.  Still same thing.

       

      Why is this an issue?  We use the response of the stream post to track the posted external content.  When webhooks from the "comments" fire back - we know where to link the data to internally.  Without this... no link.

       

      Ryan Rutan and Markus Nagel will find this one interesting!