Symptoms

A Reseller tries to change php-based Domain Registrar plugin settings in the Reseller CP interface. The following error appears:

"The operation on the resource [UID] is not allowed.".

The same error can be faced on attempt to use the Test connection button.

Also, the follwing errors can be faced:

"Connection test failed. Please check connection parameters."

Same time, settings can be changed under Provider account.

it could be seen in the core.log that ApsSecurityManagerBean.hasAdminPermission check returns false response:

DBG [... pau]: c.p.p.tracer exit: com.parallels.pa.service.aps.ejb.ApsSecurityManagerBean.hasManagePermission returning false
DBG [... pau]: c.p.p.tracer entry: com.parallels.pa.service.aps.ejb.ApsSecurityManagerBean.hasAdminPermission(Actor: RESELLER100123, a17e64ea-...-5fe9cd7a1803)
DBG [... pau]: c.p.p.tracer exit: com.parallels.pa.service.aps.ejb.ApsSecurityManagerBean.hasAdminPermission returning false
DBG [... pau]: c.p.p.tracer exit by exception: com.parallels.pa.service.connectivity.ejb.CustomOperationProcessorBean.prepareEndpointRequest com.parallels.pa.service.aps.api.APSAccessViolationException: The operation on the resource 'a17e64ea-...-5fe9cd7a1803' is not allowed.
    at com.parallels.pa.service.connectivity.ejb.CustomOperationProcessorBean.prepareEndpointRequest(CustomOperationProcessorBean.java:230)
    at sun.reflect.GeneratedMethodAccessor237.invoke(Unknown Source)

Cause

Incorrect permissions set for the updatePlugin APS operation during the OA platform upgrade.
This behavior has been submitted to Odin Development team as request #POA-114745: "APS-43402-update-operations-access.SaaS.py breaks permissions for PACore types if installation is upgraded from 7.0.1".

Resolution

Contact Pooled Technical Associate Team or Technical Account Manager in order to trace the status and discuss possible work around of the issue.

Internal content

Link on internal Article