Unable to access DSP from AngularJS Mobile App


#1

I am on Amazon EC2 DSP 1.7.8.
Following your docs on AngularJS this is how I am declaring my constants:-

angular.module(‘starter’, [‘ionic’, ‘starter.controllers’, ‘starter.services’,‘ngDreamFactory’])
.constant(‘DSP_URL’, ‘My Url Here’)
.constant(‘DSP_API_KEY’, ‘sql’)

The URL above starts with http:// and is the ec2 instance address.

This is the error I get in the console when the app starts:-
GET –MY URL Here–/rest/api_docs 403 (Forbidden)
undefined : undefined --My Url Here–/rest/api_docs

The above error comes, even though I have not yet made any call to the DSP, so I assume it must be the framework making this call.

Just to confirm that my DSP is set up correctly and my URL is correct, this is what I get when I paste this in the browser:-
–My Url Here–/rest/api_docs?app_name=sql
{“swaggerVersion”:“1.2”,“apiVersion”:“1.0”,“authorizations”:{“apiKey”:{“type”:“apiKey”,“passAs”:“header”}},“info”:{“title”:“DreamFactory Live API Documentation",“description”:"",“contact”:"support@dreamfactory.com”,“license”:“Apache 2.0”,“licenseUrl”:“http://www.apache.org/licenses/LICENSE-2.0.html"},“events”:[“swagger.cache_cleared”,“swagger.cache_rebuilt”],“apis”:[{“path”:"/user",“description”:"User session and profile”},{“path”:"/system",“description”:“System configuration”},{“path”:"/db",“description”:“Local database access”},{“path”:"/email",“description”:“Email utility access”},{“path”:"/files",“description”:“Local file storage access”},{“path”:"/sql",“description”:“Amazon RDS Sql”}]}

Therefore, I assume the set up is correct.


At the DSP end:-

  1. I have defined a role, as “Amazon RDS” and have given service access of ‘sql’ to this role.
  2. In the CORS access inside Config, I have added * in the Host and selected all the HTTP verbs and enabled the same.
  3. Checked the “Allow Guest Users” and also Selected the role “Amazon RDS” for guest users.

So, when I make this call later in my code:- DreamFactory.api.db.getRecords
I get the error:- TypeError: Cannot read property ‘getRecords’ of undefined

Because the setup service itself is not getting instantiated properly.
Any help in this regard would be helpful.

Also, please don’t suggest me up-grading to 1.8.0 because whenever I try to upgrade, the screen gets white, even in the AWS instance, and I have to do everything again.

I have been following up with the support on the white screen upgrade issue, but that issue seems unresolved still.


#2

Feeling impatient and frustrated, I tried to upgrade to 1.8.0 and I get a white screen and the browser now points to :- http://**********************.compute.amazonaws.com/web/upgrade

This is the 3rd time, I am trying to upgrade, but all I get is the white screen when I click on the Upgrade button :frowning: !
No clue where to go


#3

Instead of clicking the upgrade button try this from your DSP’s root directory.

git stash
git checkout master
git pull origin master
php composer.phar update

I will try to get you an answer today on the getRecords problem.


#4

Thanks for replying. But I am on Amazon Web Cloud.
So, I am not clear where is this DSP’s root directory?

Also, do I have to upgrade to make this work or will 1.7.8 also work?


#5

I have managed to upgrade to 1.8.0, but I still see the same error.
Its sad to see that neither the support is able to help nor is the forum that active with input.

My experience with the Support is quite disappointing even after sending couple of mails. My issues don’t get addressed at all.
Now I am confused whether it is a good idea for me to go for this Open Source product at all, and if I go for your paid support plan would that be even worth it.

Since you folks are growing, I hope you take it as a serious feedback.


#6

Praveen we are working to answer your questions. Please stay tuned.


#7

Request is as below:-

GET /rest/api_docs HTTP/1.1
Host: ec2-*******-23.ap-southeast-1.compute.amazonaws.com
Connection: keep-alive
accept: application/json
Origin: http://localhost:8100
X-DreamFactory-Application-Name: sql
User-Agent: Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_2_1 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8C148 Safari/6533.18.5
Referer: http://localhost:8100/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8

Response is as below:-
HTTP/1.1 403 Forbidden
Date: Tue, 21 Oct 2014 12:12:28 GMT
Server: Apache
X-Powered-By: PHP/5.4.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,X-Requested-With,X-DreamFactory-Application-Name,X-Application-Name,X-DreamFactory-Session-Token,X-HTTP-Method,X-HTTP-Method-Override,X-METHOD-OVERRIDE
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, MERGE, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 900
X-DreamFactory-Source: http://ec2-*****-23.ap-southeast-1.compute.amazonaws.com
X-DreamFactory-Origin-Whitelisted: 0
Set-Cookie: PHPSESSID=25da0r82bm9c278gmaht92o903; path=/
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8


#9

Hi Praveen,

Thanks for being patient. We are a small team and are working hard to answer every question. The error you are experiencing is usually caused by the app name being incorrect. I know you have stated above that you were able to pull from the /rest/api_docs using:

–My Url Here–/rest/api_docs?app_name=sql

If you had an administrator session before doing this in your browser it wouldn’t have mattered what app_name was appended in the url…it would have worked.

Part of your question is a bit confusing to me so let’s sort this out first. You mentioned that you have a service named ‘sql’ that is assigned to your role Amazon RDS. You are also appending ‘sql’ as the app_name parameter in your call to rest/api_docs. Do you have an app named ‘sql’ and a service named ‘sql’?


#10

No I don’t have any app named: “sql”.
Its just that while going thru your docs, I saw that URL syntax with app_name and that worked.

I only have a service with ‘sql’. But it seems like this is the syntax, with a query string giving some result in browser.
http://ec2-*************-23.ap-southeast-1.compute.amazonaws.com/rest/api_docs?app_name=sql

Hope that answers your question.


#11

It does. So… create an app named something other than ‘sql’. Use something like ‘sql_app’. Don’t use spaces in the app name. When creating that app set the ‘Where will this app live’ options to ‘Native device or remote desktop’. Use the name of that app (for example ‘sql_app’) as the DSP_API_KEY in your app. This should clear up your 403. note It wouldn’t matter if you did have an app name that was the same as a service name but to keep your sanity I wouldn’t recommend doing that. :smile:


#12

Quite surprisingly this is what happens now:-
I created an app named sql_app as advised by you.

So now my AngularJS file looks like this:-
angular.module(‘starter’, [‘ionic’, ‘starter.controllers’, ‘starter.services’,‘ngDreamFactory’])

.constant(‘DSP_URL’, ‘http://ec2-************23.ap-southeast-1.compute.amazonaws.com’)
.constant(‘DSP_API_KEY’, ‘sql_app’)


However, strangely, this is what I see as the request
Remote Address:54.1**********
Request URL:http://ec2--23.ap-southeast-1.compute.amazonaws.com/ rest/api_docs/sql
Request Method:GET
Status Code:200 OK
Request Headersview source
accept:application/json
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Host:ec2-
-23.ap-southeast-1.compute.amazonaws.com
Origin:http://localhost:8100
Referer:http://localhost:8100/?restart=263736
User-Agent:Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_2_1 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8C148 Safari/6533.18.5
X-DreamFactory-Application-Name:sql_app

Response Headers
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:Content-Type,X-Requested-With,X-DreamFactory-Application-Name,X-Application-Name,X-DreamFactory-Session-Token,X-HTTP-Method,X-HTTP-Method-Override,X-METHOD-OVERRIDE
Access-Control-Allow-Methods:GET, POST, PUT, PATCH, MERGE, DELETE, OPTIONS
Access-Control-Allow-Origin:*
Access-Control-Max-Age:900
Cache-Control:no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection:Keep-Alive
Content-Type:application/json; charset=utf-8
Date:Tue, 21 Oct 2014 15:06:52 GMT
Expires:Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive:timeout=2, max=98
P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma:no-cache
Server:Apache
Set-Cookie:PHPSESSID=e7g15l9m6cr3e9defoj5s71kh2; path=/
Transfer-Encoding:chunked
X-DreamFactory-Origin-Whitelisted:0
X-DreamFactory-Source:http://ec2-************-23.ap-southeast-1.compute.amazonaws.com
X-Frame-Options:SAMEORIGIN
X-Powered-By:PHP/5.4.33B

Here if you see my request is sent as rest/api_docs/sql, where as I clearly am not even referring to any service like that now. As can be seen in the X-DreamFactory-Application-Name in the request.

I am confused. But yeah I dont see 403 error here.


#13

Ok, Please ignore the request and response I pasted.
I just realized that the angular iteratively makes a call for all the services for which the role has access iteratively.
So, Since SQL is one of them that is why the call to sql also happened.

So, it seems I am getting it now.

So, please clarify one thing. In my case I just need a Remote SQL DB service now, and that’s why I did not have any app defined. So, is it that I have to have an app first, without which this DSP setup does not work.
I mean I can’t directly call a service. I have to mention an app name in the DSP Key and then I have to provide role access for the service which I need to call, and also assign the same role to this app.
This seems redundant to me, as I don’t actually need any app.

So, please explain how do things actually work.


#14

The app name functions as an api key. The DSP needs to identify the app making requests for an api. So basically the logic works like this.

You make a request.
The DSP makes sure a valid application is making the request. No valid app means don’t honor this request.
The DSP checks the session token sent with the request. That session token identifies the user and their role.
The DSP then checks if that user’s role has access to the app making the request and if the service has been provisioned for that request.
If everything is good then requested data is sent back to the client.

The steps listed are just a broad overview. It’s a bit more complex then that when you take into account guest users, chosen accesses, role setups, app groups, etc. Basically you don’t just want anyone with an app that makes ajax calls pinging your api for data. Which is why you have to have an api key (defined application name).


#15

Hi Praveen,

The reason for requiring an app ID as the API key is that the role system governs access to both a set of apps and a set of services. When a user logs in, DreamFactory looks at that user’s role and ensures that the user making the request actually has access to that app.

Accessing an app and services is the most common use case. In your scenario, just have one app (which simply serves as an API key, nothing else) and your end users can access any number of services. The key concepts are that 1) roles govern access to both apps and services; 2) a role can have access to one or more apps; 3) a role can have access to one or more services; 4) apps and services are completely decoupled, so for example many apps can use many of the same services.


#16

Thanks DF Team.

I also apologize for any harsh words I may have used for the support response.
It’s just that the frustration and repeated reinstalls to make it work made me lose my cool.

Thanks for making me understand how DF works. I did not know the requirement of APP, which I understand now.

Have a good one ! :slight_smile:


#17

Hi,
i know i am posting a bit late but i encountered something similar when i connected my angular app to the DreamFactory DSP. It is not very evident but i found some help on this forum itself.

The solution was that i had to wait for the Dreamfactory Apis to call the its ‘ready’ event.
I was not waiting for this event to fire and hence i got a similar error.

The code is:-

myapp.controller(‘MainCtrl’, [’$scope’, ‘DreamFactory’, function($scope, DreamFactory) {

$scope.$on(‘api:ready’, function(e) {
// Code goes here
alert(‘DreamFactory is ready’);

        //Now you can call the initiation functions to any DSP api like user login
        $scope.initFunc();
    }); 

}
]);

Now i can call the Dream apis , for my setup the DSP usually takes 2 seconds to fire the call after the page has loaded.