1
votes

I am running datastore emulator. When I run "dev_appserver.py app.yaml" command, I get this error

403 Missing or insufficient permissions.

This is the warning I get. I know there is a problem with authentication. I have gone through this. But couldn't end up finding a solution.

Some details:

  1. I am using MySQL databases for some apps.

  2. For others I want to use datastore.

  3. I am running datastore emulator on one tab, Google cloud proxy on another, dev_appserver on the third one.

  4. I have set the environment variables using the command gcloud beta emulators datastore env-init.

My settings.py

if os.getenv('GAE_APPLICATION', None):
# Running on production App Engine, so connect to Google Cloud SQL using
# the unix socket at /cloudsql/<your-cloudsql-connection string>
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'HOST': '/cloudsql/connectionname',
        'NAME': 'db_name',
        'USER': 'username',
        'PASSWORD': 'password',
    }
}
else:
# Running locally so connect to either a local MySQL instance or connect to
# Cloud SQL via the proxy. To start the proxy via command line:
#
#     $ cloud_sql_proxy -instances=[INSTANCE_CONNECTION_NAME]=tcp:3306
#
# See https://cloud.google.com/sql/docs/mysql-connect-proxy
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'HOST': '127.0.0.1',
        'PORT': '3307',
        'NAME': 'dbname',
        'USER': 'username',
        'PASSWORD': 'password',
    }
}    
# [END db_setup]

My app.yaml

runtime: python37

handlers:
- url: /static
  static_dir: static/
- url: /.*
  script: auto

Technology background:

Django 2.1 Python 3.5.2

Stack trace:

Traceback (most recent call last):
  File "/tmp/tmpIZrOSY/lib/python3.5/site-packages/django/core/handlers/exception.py", line 34, in inner
    response = get_response(request)
  File "/tmp/tmpIZrOSY/lib/python3.5/site-packages/django/core/handlers/base.py", line 126, in _get_response
    response = self.process_exception_by_middleware(e, request)
  File "/tmp/tmpIZrOSY/lib/python3.5/site-packages/django/core/handlers/base.py", line 124, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/home/salman/chaipani_env/project_chaipani/chaipani/views.py", line 20, in post_new
    post = models.insert(data)
  File "/home/salman/chaipani_env/project_chaipani/chaipani/models.py", line 15, in insert
    client.put(entity)
  File "/tmp/tmpIZrOSY/lib/python3.5/site-packages/google/cloud/datastore/client.py", line 404, in put
    self.put_multi(entities=[entity])
  File "/tmp/tmpIZrOSY/lib/python3.5/site-packages/google/cloud/datastore/client.py", line 431, in put_multi
    current.commit()
  File "/tmp/tmpIZrOSY/lib/python3.5/site-packages/google/cloud/datastore/batch.py", line 273, in commit
    self._commit()
  File "/tmp/tmpIZrOSY/lib/python3.5/site-packages/google/cloud/datastore/batch.py", line 249, in _commit
    self.project, mode, self._mutations, transaction=self._id)
  File "/tmp/tmpIZrOSY/lib/python3.5/site-packages/google/cloud/datastore_v1/gapic/datastore_client.py", line 426, in commit
    request, retry=retry, timeout=timeout, metadata=metadata)
  File "/tmp/tmpIZrOSY/lib/python3.5/site-packages/google/api_core/gapic_v1/method.py", line 139, in __call__
    return wrapped_func(*args, **kwargs)
  File "/tmp/tmpIZrOSY/lib/python3.5/site-packages/google/api_core/retry.py", line 260, in retry_wrapped_func
    on_error=on_error,
  File "/tmp/tmpIZrOSY/lib/python3.5/site-packages/google/api_core/retry.py", line 177, in retry_target
    return target()
  File "/tmp/tmpIZrOSY/lib/python3.5/site-packages/google/api_core/timeout.py", line 206, in func_with_timeout
    return func(*args, **kwargs)
  File "/tmp/tmpIZrOSY/lib/python3.5/site-packages/google/api_core/grpc_helpers.py", line 61, in error_remapped_callable
    six.raise_from(exceptions.from_grpc_error(exc), exc)
  File "<string>", line 3, in raise_from
google.api_core.exceptions.PermissionDenied: 403 Missing or insufficient permissions.
INFO     2018-10-10 10:51:26,298 module.py:880] default: "POST /users/post/new/ HTTP/1.1" 500 133823
1
Where do you get the error? 403 is a http status code. You typically get that when trying to use a http method on an url that requires permission you don't have.Håken Lid
Yes I know that. Actually I am authenticated as an end user, I want to authenticate using service account. But my app is not taking into account the service account credentials. That is where I need help. Thanks.Salman Haseeb Sheikh
Please add the full traceback of the error to your question.Håken Lid
I have added stack trace.Salman Haseeb Sheikh

1 Answers

-1
votes

It seems that your Default service account does not have enough permissions. It might require some additional permissions such as "Datastore Index Admin" to infer over a Datastore[1]. I am not sure on how this will work in the Datastore emulator, but since it aims to provide a local emulation, maybe it will get the roles and permission to perform a test. Could you please check the permissions in your service account[2], change if needed and let me know if the issue persists. I will be waiting for your reply.

[1]https://cloud.google.com/appengine/docs/flexible/nodejs/granting-project-access#before_you_begin [2]https://cloud.google.com/iam/docs/granting-roles-to-service-accounts