[GH-ISSUE #1361] [API] post_resource__resourceId__roles issue: Organization not found #35296

Closed
opened 2026-06-18 20:16:06 -05:00 by GiteaMirror · 4 comments
Owner

Originally created by @Esa-mimbias on GitHub (Aug 27, 2025).
Original GitHub issue: https://github.com/fosrl/pangolin/issues/1361

Hi,

Still using API extensively to configure Pangolin "as code".

I met another issue when trying to set a role to a resource

in my example, my resource is number 57 (

{"resourceId":57,"name":"aaaa","ssl":true,"fullDomain":"aaaa.subdomain.domain.tld.diplomatie.fr","passwordId":null,"sso":true,"pincodeId":null,"whitelist":false,"http":true,"protocol":"tcp","proxyPort":null,"enabled":true,"domainId":"domain1"}

I try to add member role (default role, number 2) for my ord named prod

{"roleId":2,"orgId":"prod","isAdmin":null,"name":"Member","description":"Members can only view resources","orgName":"prod"}

POSTing using curl fails:

 {"data":null,"success":false,"error":true,"message":"Organization not found","status":500,"stack":null}

docs swagger execute fails consistantly:

Image

in Pangolin debug logs,

POST /api/v1/resource/41/roles

seems OK (and indeed, it works)

I tried to check code around 6c9b445be6/server/routers/resource/setResourceRoles.ts (L75) but I'm not proficient enough in TS :(

It would really help me.

Originally created by @Esa-mimbias on GitHub (Aug 27, 2025). Original GitHub issue: https://github.com/fosrl/pangolin/issues/1361 Hi, Still using API extensively to configure Pangolin "as code". I met another issue when trying to set a role to a resource in my example, my resource is number 57 ( ``` {"resourceId":57,"name":"aaaa","ssl":true,"fullDomain":"aaaa.subdomain.domain.tld.diplomatie.fr","passwordId":null,"sso":true,"pincodeId":null,"whitelist":false,"http":true,"protocol":"tcp","proxyPort":null,"enabled":true,"domainId":"domain1"} ``` I try to add `member` role (default role, number 2) for my ord named `prod` ``` {"roleId":2,"orgId":"prod","isAdmin":null,"name":"Member","description":"Members can only view resources","orgName":"prod"} ``` POSTing using curl fails: ``` {"data":null,"success":false,"error":true,"message":"Organization not found","status":500,"stack":null} ``` `docs` swagger execute fails consistantly: <img width="1172" height="1651" alt="Image" src="https://github.com/user-attachments/assets/74b28707-e4c8-4860-9cf7-d1795f909f4e" /> in Pangolin debug logs, ``` POST /api/v1/resource/41/roles ``` seems OK (and indeed, it works) I tried to check code around https://github.com/fosrl/pangolin/blob/6c9b445be60139901f3b1f8bd2afed74e6a15020/server/routers/resource/setResourceRoles.ts#L75 but I'm not proficient enough in TS :( It would really help me.
Author
Owner

@binu-baiju commented on GitHub (Aug 27, 2025):

Hi, I’d like to work on this issue. Could you assign it to me? I’ll start by checking setResourceRoles.ts to see why the org isn’t being resolved. @Esa-mimbias

<!-- gh-comment-id:3227774005 --> @binu-baiju commented on GitHub (Aug 27, 2025): Hi, I’d like to work on this issue. Could you assign it to me? I’ll start by checking setResourceRoles.ts to see why the org isn’t being resolved. @Esa-mimbias
Author
Owner

@Pallavikumarimdb commented on GitHub (Aug 27, 2025):

Hi @Esa-mimbias , Since you’re sending the correct payload, the "Organization not found" error is likely because resource 57 is not linked to the same organization as your API key or user.

In Pangolin, the org is determined from your authentication context (req.userOrg or req.apiKeyOrg), not from the request body. Even if you include "orgId": "prod" in your payload, it will be ignored.

Could you double-check if resource 57 is attached to your org (prod)? For example, does it have the same orgId as resource 41 (which works)? If not, that explains the failure.

<!-- gh-comment-id:3228257284 --> @Pallavikumarimdb commented on GitHub (Aug 27, 2025): Hi @Esa-mimbias , Since you’re sending the correct payload, the "Organization not found" error is likely because resource 57 is not linked to the same organization as your API key or user. In Pangolin, the org is determined from your authentication context (req.userOrg or req.apiKeyOrg), not from the request body. Even if you include "orgId": "prod" in your payload, it will be ignored. Could you double-check if resource 57 is attached to your org (prod)? For example, does it have the same orgId as resource 41 (which works)? If not, that explains the failure.
Author
Owner

@Esa-mimbias commented on GitHub (Aug 27, 2025):

OK thank you for the explanation.

the script I wrote to configure Pangolin via API has different tasks :

  • read basic informations (orgs, sites, domain...)
  • create or recreate resources
  • update resources to assign a role

the first two tasks were done with a server-level root API key, I didn't thought about switching to an organization-level API key for the third task

I updated my script to switch to org API key after first task (GET informations), and it works fine.

Thanks again

(for now it's crude bash script, I may rewrite it in Python and share it)

<!-- gh-comment-id:3228495972 --> @Esa-mimbias commented on GitHub (Aug 27, 2025): OK thank you for the explanation. the script I wrote to configure Pangolin via API has different tasks : - read basic informations (orgs, sites, domain...) - create or recreate resources - update resources to assign a role the first two tasks were done with a server-level root API key, I didn't thought about switching to an organization-level API key for the third task I updated my script to switch to org API key after first task (GET informations), and it works fine. Thanks again (for now it's crude bash script, I may rewrite it in Python and share it)
Author
Owner

@oschwartz10612 commented on GitHub (Aug 31, 2025):

I agree I think there actually is an issue here.

I dont think you should have to switch API keys to add a role to a
resource. The issue is indeed that the orgId is coming out of the api
key or user which causes the issue in
server/routers/resource/setResourceRoles.ts:77

To fix this I think we could just pull the orgId from the resource. Ill
fix this in the next release.

<!-- gh-comment-id:3239767748 --> @oschwartz10612 commented on GitHub (Aug 31, 2025): I agree I think there actually is an issue here. I dont think you should have to switch API keys to add a role to a resource. The issue is indeed that the orgId is coming out of the api key or user which causes the issue in server/routers/resource/setResourceRoles.ts:77 To fix this I think we could just pull the orgId from the resource. Ill fix this in the next release.
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/pangolin#35296