Data extraction problem

sd_barry · June 9, 2022, 9:37am

Hello py community.

I am new to python and have done some programming to extract data from Time Doctor API using python. I am successful is in some categories but when I try to access Users data it say that I don’t have permissions to perform this action. I am sharing my code so that you guys can help in finding appropriate correction.

When use the above credentials in time doctor documentation in following link

https://timedoctor.redoc.ly/#operation/getUsers

It works perfectly.

However, in following code: it gives error


#----------Get Users Start of Code

users_url = "https://api2.timedoctor.com/api/1.0/users?company=" + company_id + "&user=#&manager=#&tag=#&self=#&detail=#&task-project-names=#&no-tag=#&deleted=#&page=#&limit=#&sort=#&filter%5Bid%5D=#&filter%5Bemail%5D=#&filter%5Bname%5D=#&filter%5Btag%5D=#&filter%5Bkeywords%5D=#&filter%5Brole%5D=#&filter%5BshowOnReports%5D=#&filter%5BpayrollAccess%5D=#&filter%5Bscreenshots%5D=#&filter%5Bvideos%5D=#&filter%5Bcreated%5D=#&filter%5BhostName%5D=#&filter%5Bos%5D=#&filter%5BhiredAt%5D=#&filter%5BlastTrack%5D=#&filter%5BlastActiveTrack%5D=#&filter%5BclientVersion%5D=#&filter%5Bip%5D=#&filter%5Bshow-on-reports%5D=#&filter%5Bpayroll-access%5D=#&filter%5Bhost-name%5D=#&filter%5Bhired-at%5D=#&filter%5Blast-track%5D=#&filter%5Blast-active-track%5D=#&filter%5Bclient-version%5D=#&token=" + login_token

users_query = {
  "company": company_id,
  "user": "",
  "manager": "",
  "tag": "",
  "self": "",
  "detail": "",
  "task-project-names": "",
  "no-tag": "",
  "deleted": "",
  "page": "",
  "limit": "",
  "sort": "",
  "filter[id]": "",
  "filter[email]": "",
  "filter[name]": "",
  "filter[tag]": "",
  "filter[keywords]": "",
  "filter[role]": "",
  "filter[showOnReports]": "",
  "filter[payrollAccess]": "",
  "filter[screenshots]": "",
  "filter[videos]": "",
  "filter[created]": "",
  "filter[hostName]": "",
  "filter[os]": "",
  "filter[hiredAt]": "",
  "filter[lastTrack]": "",
  "filter[lastActiveTrack]": "",
  "filter[clientVersion]": "",
  "filter[ip]": "",
  "filter[show-on-reports]": "",
  "filter[payroll-access]": "",
  "filter[host-name]": "",
  "filter[hired-at]": "",
  "filter[last-track]": "",
  "filter[last-active-track]": "",
  "filter[client-version]": "",
  "token": login_token
}

users_response = requests.get(users_url, params=users_query)

users_data = users_response.json()
print('''



Users DATA''')

print(users_data)

#----------Get Users End of Code

Here is my output

Users DATA
{'error': 'denied', 'thrown': '2022-06-09T09:27:31.280Z', 'message': "Your don't have permission to perform this action."}

I would be greatful if anyone can help in correcting my mistake.

Looking forward to your support.

Thanks.

Sulaiman

vbrozik · June 9, 2022, 9:56am

Are you sure you are not revealing sensitive data (company_id and login_token)? If so, remove them.

Thank you for including your code. Please, paste the code between triple backticks to preserve the indentation and other important details. Do not skip commands like variable assignments. If possible Include all the code which is needed for replication of the behaviour. Include the outputs and error messages.

```
command to run your code
```

```python
your python code here
```

```
output of your code (including error messages)
```

That will keep the formatting which is very important in Python.

sd_barry · June 9, 2022, 10:28am

Thanks. I ve made the suggested correction

vbrozik · June 9, 2022, 4:41pm

Thanks.

You did not write how did you create the code. I guess you copied it from the documentation. And inserted company_id and login_token, every at two places. Am I right?

The documentation contains a mistake. The url should be just "https://api2.timedoctor.com/api/1.0/users" because requests.get(url, params=query) creates the part of the URL starting at ? from the query dictionary for you. You should not insert company_id and login_token, every twice.

You can notice that you received a human-readable error message as a response:
"Your don't have permission to perform this action."

It is weird that there is a typo: Your
The message does not complain about company or token. I am guessing:
- This permission is allowed only from the documentation page.
- The server shows a wrong error message and:
  - Your token must be used with the original client IP address, not your computer. I do not know if the documentation page makes the connection from your computer or their server.
  - Your token already expired.
  - The token and/or company needs to be URL-quoted (urllib.parse.quote_plus) Anyway if you do not put the string into the URL as I suggested above, you should be safe.
  - …?

After checking the possibilities above I suggest you:

Double checking and comparing what you actually send with the documentation. See for example print(r.url) here: Passing Parameters In URLs
Contacting the provider of the API.

sd_barry · June 10, 2022, 12:56pm

Yes I copied the code from the author and pasted it in the language.

I am glad that you have provided a great solution and now I am able to access the users data. May you be blessed.

There were five parameters that were facing similar issue:

Users
Projects
Tasks
Activity
Files

All are working correctly.

Thanks @vbrozik

Topic		Replies	Views
Why I can't get any result from this Python Help	9	533	September 15, 2022
PermissionError [Errno 13] Permission denied Python 2023 Python Help	20	17644	January 4, 2023
Office 365 REST Python Client - Unable to get author name of Sharepoint file Python Help help	4	2930	October 28, 2022
Mac/Ventura permissions error with os module (SOLVED) Python Help	7	3743	December 2, 2023
Python Development on Android Device Python Help	1	589	March 17, 2023

Data extraction problem

Related Topics