Bug #18801
Updated by Lucas Di Pentima about 2 years ago
We've received a report about @arvados-ws@ getting errors from the API server.
This is what happens:
<pre>
$ curl -k -G --data-urlencode 'select=["uuid"]' -H "Authorization: OAuth2 ---token---" https://example-host/arvados/v1/api_client_authorizations/some-valid-uuid
{"errors":["//railsapi.internal/arvados/v1/api_client_authorizations/some-valid-uuid?select=%5B%22uuid%22%5D: 422 Unprocessable Entity: #\u003cActiveModel::MissingAttributeError: missing attribute: api_token\u003e (req-c2h9urh6s0p0xvowm555)"]}
</pre>
The @arvados-ws@ services does a request like this and it has been doing it since 2017 (line 80):
https://dev.arvados.org/projects/arvados/repository/diff/services/ws/permission.go?utf8=✓&rev=ba418300c50e1375ca9938562579b7bd6bf9490d&rev_to=0f644e242ef37c911ad3dc25aca8135c339de349
RailsAPI attempts to access the @api_token@ field in an @after_initialize@ hook:
https://dev.arvados.org/projects/arvados/repository/revisions/608e8f79c3fb5cb7077fce4a0b497c5c93d6d6d0/entry/services/api/app/models/api_client_authorization.rb#L38
...but because the request does a @select=["uuid"]@, that field isn't available.
Manual testing with @arvbox@ determined that this is a regression introduced in the 2.3.0 release.