topic Re: 501 error with Publish using web_api/publish in API / CLI Discussion

501 error with Publish using web_api/publish

Larionov_Ivan — Tue, 07 May 2024 10:48:33 GMT

Hi All,

I'm trying to use 'web_service' to publish changes on the management server (81.20). I'm following the format in the 'Management API Reference' (https://sc1.checkpoint.com/documents/latest/APIs/#web/publish~v1.8.1%20)

Receive error with publish function: {'code': 'not_implemented', 'message': 'Publishing other than current session is not implemented'}

My Python code:

def get_sid(): r = requests.post( url=f"{chkpt['url']}/web_api/login", headers={"Content-Type" : "application/json"}, json={'api-key' : chkpt['api-key']}, verify=False ) r.raise_for_status() return r.json() def set_session(name, description, comment): r = requests.post( url=f"{chkpt['url']}/web_api/set-session", headers=headers, json={ "new-name" : name, "description" : description, "comments" : comment}, verify=False ) r.raise_for_status() return r.json() def publish(uid): r = requests.post( url=f"{chkpt['url']}/web_api/publish", headers=headers, json={'uid' : uid}, verify=False ) r.raise_for_status() ### Full scenario # Login headers = { "Content-Type" : "application/json", "X-chkp-sid" : get_sid()['sid'] } # Set name/description/comment for session new_session = set_session(name, description, comment) # Add new hosts to some group create_new_objects() # Publish changes publish(new_session['uid']) # install policy install_policy(policy_name)

Re: 501 error with Publish using web_api/publish

PhoneBoy — Tue, 07 May 2024 22:43:34 GMT

To publish the current session, you do not need to pass a uid to the publish function.
In fact, that's exactly what the error is saying (this function is not implemented).
The session that will be published is the one passed with X-chkp-sid in the HTTP headers.

@Omer_Kleinstern if publishing another session isn't implemented, shouldn't the docs reflect this?

Re: 501 error with Publish using web_api/publish

Larionov_Ivan — Wed, 08 May 2024 07:11:36 GMT

Thanks for the reply, but I'm unsure what I should put to the payload of the function Publish.

If I put the current login session UID - the same error 501 {'code': 'not_implemented', 'message': 'Publishing other than current session is not implemented'}

If I remove uid from the function - get 400 {'code': 'generic_err_invalid_syntax', 'message': 'Payload is empty'}

Documents said:

Session unique identifier. Specify it to publish a different session than the one you currently use.

Re: 501 error with Publish using web_api/publish

PhoneBoy — Wed, 08 May 2024 14:32:33 GMT

The documentation is correct insofar as this is the intent of passing a uid, specifically publishing a DIFFERENT session from the one specified as part of the X-chkp-sid header.
However, as the error message clearly states, this is not currently implemented.
Which means you should not pass uid as part of your payload, but rather an empty JSON string: { }

Re: 501 error with Publish using web_api/publish

Amir_Senn — Wed, 08 May 2024 15:31:31 GMT

I recommend looking at the examples in the API guide if something is unclear.

https://sc1.checkpoint.com/documents/latest/APIs/index.html?#web/publish~v1.9.1%20

From API login command reference, it returns uid in the answer for the following:

uid

string

Session object unique identifier. This identifier may be used in the discard API to discard changes that were made in this session, when administrator is working from another session, or in the 'switch-session' API.

Re: 501 error with Publish using web_api/publish

Bob_Zimmerman — Wed, 08 May 2024 16:10:14 GMT

You need to include an empty JSON object. I just tested:

➜ PublishTest> curl -ks "https://${TestMgmt}/web_api/login" --header "Content-Type: application/json" -d '{"user":"admin","password":"1qaz!QAZ","read-only":false}' >session1.txt Session1Uuid=$(jq '.uid' session1.txt) Session1Sid=$(jq '.sid' session1.txt | tr -d '"') curl -ks "https://${TestMgmt}/web_api/login" --header "Content-Type: application/json" -d '{"user":"admin","password":"1qaz!QAZ","read-only":false}' >session2.txt Session2Uuid=$(jq '.uid' session2.txt) Session2Sid=$(jq '.sid' session2.txt | tr -d '"') ➜ PublishTest> curl -k "https://${TestMgmt}/web_api/publish" --header "X-Chkp-Sid: ${Session1Sid}" --header "Content-Type: application/json" -d "{\"uid\":${Session1Uuid}}" { "code" : "not_implemented", "message" : "Publishing other than current session is not implemented" } ➜ PublishTest> curl -k "https://${TestMgmt}/web_api/publish" --header "X-Chkp-Sid: ${Session1Sid}" --header "Content-Type: application/json" -d "{\"uid\":${Session2Uuid}}" { "code" : "not_implemented", "message" : "Publishing other than current session is not implemented" } ➜ PublishTest> curl -k "https://${TestMgmt}/web_api/publish" --header "X-Chkp-Sid: ${Session1Sid}" --header "Content-Type: application/json" { "code" : "generic_err_missing_session_id", "message" : "No query parameters are found" } ➜ PublishTest> curl -k "https://${TestMgmt}/web_api/publish" --header "X-Chkp-Sid: ${Session1Sid}" --header "Content-Type: application/json" -X POST { "code" : "generic_err_invalid_syntax", "message" : "Payload is empty" } ➜ PublishTest> curl -k "https://${TestMgmt}/web_api/publish" --header "X-Chkp-Sid: ${Session1Sid}" --header "Content-Type: application/json" -d "{}" { "task-id" : "01234567-89ab-cdef-ace5-5d8aa277909b" }

Note that a call to /publish with just the POST method but no body at all returns the "Payload is empty" error.

Re: 501 error with Publish using web_api/publish

PhoneBoy — Wed, 08 May 2024 16:19:04 GMT

Yes, and the fact that an empty JSON string must be sent is clearly shown in the example.