question

Upvotes
Accepted
1 1 0 2

Behavior when making DSS report request when user is not licensed for content

What is the expected behavior using the DSS C# interface when making an extraction request, when the requesting user is not licensed for the content being requested? Specifically we make ExtractionsContext.Extract(EndOfDayPricingExtractionRequest) and ExtractionsContext.Extract(BondScheduleExtractionRequest) requests. What would happen if the requesting user is not licensed for any End of Day Pricing or Bond Schedule content? Will zero extracted rows be returned or will an exception or other fault be raised? If an exception or fault is raised, please provide specifics so we can handle the exception properly.

dss-rest-apidatascope-selectdsserror
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvote
Accepted
465 3 5 3

With regards to permission-related errors, there are 4 basic categories:

  1. Template-level permissions. If you do not have permissions for the template, the entire request will fail with a ForbiddenException (see status codes page for the full list of status codes and exceptions).
  2. Field-level permissions. These will be noted in the Notes when calling ExtractWithNotes.
  3. Instrument-level permissions. These can be embargoed (delayed) or supressed. These will be noted in the Notes when calling ExtractWithNotes.
  4. Masking. Broker entitlements can result in the broker name being masked out unless you have the appropriate permissions.
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
1.1k 5 3 5

Any non-200 HTTP Status (where 200's include all 2xx statuses) will include a JSON body that details the reason behind the failure.They all follow this format:

{
    "error": {
        "message": "......."
    }
}

In the case of not having proper rights, you should expect a 403.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

4xx and 5xx responses almost always have the error structure returned above. There are a few situations where that is not the case. Client side error handling should work as follows for 4xx and 5xx errors: if the content-type is application/json, it will always be the error format above. If the content-type is text/plain or text/html then that is the format of the error message. Text/plain or text/html only occurs in a few rare situations. For example, a Service Unavailable (503) will return text/html.

Upvotes
1.1k 5 3 5

I should verify that JSON is the same for all result codes - working on that....

The body will be valid JSON and contain a message, I am not sure if the outer node is always be called "error".

They are all the same; it's an OData spec.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
1 1 0 2

Thank you for the information. I don't think you fully understood my question. Since we are using the Dot Net DLL provided by Thomson Reuters (namespace ThomsonReuters.Dss.Api.Extractions), all of the HTTP request/response and JSON handling is handled within the DLL. For example, our specific call, ExtractionsContext.Extract(EndOfDayPricingExtractionRequest) returns an array of ExtractionRow objects or throws and exception. So my question is if the user is not licensed for any of the content for End of Day Pricing, would the ExtractionsContext.Extract(EndOfDayPricingExtractionRequest) method call simply return an empty list of ExtractionRows or would an exception be thrown. If an exception is thrown, would there be a way to distinguish this specific condition from other exceptions either by the Exception class thrown or the exception content. In our specific case, we wish to handle this error condition differently than say a network communication error. Thanks.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Hi @James Steinke,

First of all, my apologies for this late answer to your comment.

I may have misunderstood, but I think Troy actually responded to your questions. And he did it in the context of .NET library. He explained that if the user is not permissioned for a specific template (e.g. EndOfDayPricing) the entire request will fail with a ForbiddenException. He also gave you a link to a page that describes the different exceptions and status codes).

Do you need more information to handle error conditions in your application?

Upvote
11.3k 26 9 14

If an user doesn't have permission for extraction, the 403 HTTP status should be returned instead. For DSS REST API Toolkit, the Extract() function will throw an ThomsonReuters.Dss.Api.ForbiddenException with "No permission for template "<template name>"" in the "message" attribute.

For other type of 4xx HTTP status, the ToolKit will throw other types of exception. For example, ThomsonReuters.Dss.Api.UnauthorizedException for 401 HTTP status, ThomsonReuters.Dss.Api.ValidationException for 400 HTTP status.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.