Aspects Reports (embedded Superset dashboards): internal authentication error for staff and superusers #925
Comments
|
Hi @pkolyvas, can you leave the following information:
|
|
Hey - sorry we had moved on, but the issue persists. I'll try to set aside some time this week to gather the required information and update the issue. Still persistent on multiple installs with Tutor/Redwood. |
|
I'm not sure if the gist is up to date, but I don't see anywhere in your setup script where you're installing or initializing Aspects. I do see Cairn in there, and if you're installing both that may be your problem. As far as I know they don't both work together. |
|
I stumbled upon here while encountering similar problem. The problem for us was, that we are using multi-tenant/Site configuration, such that the instructor dashboard could be accessed from a domain different than To fix it for us, rather than using Note: applying the above patch, you need to ensure that course is being accessed from a microsite of which the org belongs to, however you could get away from that restriction, by using the |
This URL of fetching guest_token is always LMS_ROOT_URL, however in case multisite is being used the guest could be in a different url. This change ensure that cookie is being sent if the other site is a subdomain or shares parent domain with LMS_URL_ROOT This might be realted to openedx/tutor-contrib-aspects/issues/925
|
Also there is a simpler solutoin if microsite is just a subdomain of diff --git a/platform_plugin_aspects/static/js/embed_dashboard.js b/platform_plugin_aspects/static/js/embed_dashboard.js
index 5555c62..1b169d0 100644
--- a/platform_plugin_aspects/static/js/embed_dashboard.js
+++ b/platform_plugin_aspects/static/js/embed_dashboard.js
@@ -30,6 +30,7 @@ async function fetchGuestToken() {
headers: {
"X-CSRFToken": getCookie("csrftoken"),
},
+ credentials: 'include',
body: body,
}); This beacuse I would assume this is acceptable, since in any case in MFE ecosystem RESTful requests do incldue cross-site cookie. or when ajax is being used instead of native |
This URL of fetching guest_token is always LMS_ROOT_URL, however in case multisite is being used the guest could be in a different url. This change ensure that cookie is being sent if the other site is a subdomain or shares parent domain with LMS_URL_ROOT This might be realted to openedx/tutor-contrib-aspects/issues/925
Issue
I followed the instructions on a bone-stock 17.0.6 tutor install (due to two different bugs in 18.0 - 18.1.3). My installation is scripted and parameterized here, so it was easy to get to a repeatable, stock install.
As per my thread here there is an internal authentication error when an educator or staff member tries to view the embedded reports dashboards on the LMS Instructor Reports tab.
Affected versions
I've run tutor 17.0.6 and every version of 18 from 18.0.0 to 18.1.3. The issue persists across all versions.
Expected behaviour
Pretty straightforward here. Following the instructions for installation should result in the reports (embedded superset dashboards) loading.
Additional details
Originally I was worried that installing
aspectsbefore tutor had be launched the first time was causing the issue, so I experiment with installing it both during initial config and after tutor had been running with courses and users for a bit, however the authentication issue persists irrespective of the order in which it's installed.The text was updated successfully, but these errors were encountered: