Behavior when making DSS report request when user is not licensed for content

What is the expected behavior using the DSS C# interface when making an extraction request, when the requesting user is not licensed for the content being requested? Specifically we make ExtractionsContext.Extract(EndOfDayPricingExtractionRequest) and ExtractionsContext.Extract(BondScheduleExtractionRequest) requests. What would happen if the requesting user is not licensed for any End of Day Pricing or Bond Schedule content? Will zero extracted rows be returned or will an exception or other fault be raised? If an exception or fault is raised, please provide specifics so we can handle the exception properly.

Find more posts tagged with

error

dss

dss-rest-api

datascope-select

Accepted answers

Troy Dalldorf

With regards to permission-related errors, there are 4 basic categories:

Template-level permissions. If you do not have permissions for the template, the entire request will fail with a ForbiddenException (see status codes page for the full list of status codes and exceptions).
Field-level permissions. These will be noted in the Notes when calling ExtractWithNotes.
Instrument-level permissions. These can be embargoed (delayed) or supressed. These will be noted in the Notes when calling ExtractWithNotes.
Masking. Broker entitlements can result in the broker name being masked out unless you have the appropriate permissions.

All comments

Rick Weyrauch

Any non-200 HTTP Status (where 200's include all 2xx statuses) will include a JSON body that details the reason behind the failure.They all follow this format:

{
    "error": {
        "message": "......."
    }
}

In the case of not having proper rights, you should expect a 403.

Rick Weyrauch

I should verify that JSON is the same for all result codes - working on that....

The body will be valid JSON and contain a message, I am not sure if the outer node is always be called "error".

They are all the same; it's an OData spec.

Troy Dalldorf

4xx and 5xx responses almost always have the error structure returned above. There are a few situations where that is not the case. Client side error handling should work as follows for 4xx and 5xx errors: if the content-type is application/json, it will always be the error format above. If the content-type is text/plain or text/html then that is the format of the error message. Text/plain or text/html only occurs in a few rare situations. For example, a Service Unavailable (503) will return text/html.

James Steinke

Thank you for the information. I don't think you fully understood my question. Since we are using the Dot Net DLL provided by Thomson Reuters (namespace ThomsonReuters.Dss.Api.Extractions), all of the HTTP request/response and JSON handling is handled within the DLL. For example, our specific call, ExtractionsContext.Extract(EndOfDayPricingExtractionRequest) returns an array of ExtractionRow objects or throws and exception. So my question is if the user is not licensed for any of the content for End of Day Pricing, would the ExtractionsContext.Extract(EndOfDayPricingExtractionRequest) method call simply return an empty list of ExtractionRows or would an exception be thrown. If an exception is thrown, would there be a way to distinguish this specific condition from other exceptions either by the Exception class thrown or the exception content. In our specific case, we wish to handle this error condition differently than say a network communication error. Thanks.

veerapath.rungruengrayubkul

If an user doesn't have permission for extraction, the 403 HTTP status should be returned instead. For DSS REST API Toolkit, the Extract() function will throw an ThomsonReuters.Dss.Api.ForbiddenException with "No permission for template "<template name>"" in the "message" attribute.

For other type of 4xx HTTP status, the ToolKit will throw other types of exception. For example, ThomsonReuters.Dss.Api.UnauthorizedException for 401 HTTP status, ThomsonReuters.Dss.Api.ValidationException for 400 HTTP status.

Troy Dalldorf

With regards to permission-related errors, there are 4 basic categories:

Template-level permissions. If you do not have permissions for the template, the entire request will fail with a ForbiddenException (see status codes page for the full list of status codes and exceptions).
Field-level permissions. These will be noted in the Notes when calling ExtractWithNotes.
Instrument-level permissions. These can be embargoed (delayed) or supressed. These will be noted in the Notes when calling ExtractWithNotes.
Masking. Broker entitlements can result in the broker name being masked out unless you have the appropriate permissions.

Olivier DAVANT

Hi @James Steinke,

First
of all, my apologies for this late answer to your comment.

I may have misunderstood, but I think Troy actually responded to
your questions. And he did it in the context of .NET library. He explained that
if the user is not permissioned for a specific template (e.g.
EndOfDayPricing) the entire request will fail with a ForbiddenException. He
also gave you a link to a page that describes the different exceptions and
status codes).

Do you need more information to handle error
conditions in your application?

EXPLORE OUR SITES