I took a quick look at the ODATA API tracing while running a TI process, with the ItemReject function, from an action button as a non-admin in the TM1 model.
4000 [] DEBUG 2021-06-28 07:30:18.844 TM1.HttpRequest GET /api/v1/TailMessageLog%28%29
4000 [1] DEBUG 2021-06-28 07:30:19.027 TM1.HttpResponse 200 OK
4000 [1] DEBUG 2021-06-28 07:30:19.027 TM1.HttpResponseBody {"@odata.context":"$metadata#","value":"MessageLogEntries/!delta('0[4096]445379691@65228!194259247')"}
4000 [1] DEBUG 2021-06-28 07:30:19.035 TM1.HttpRequest POST /api/v1/Processes('ItemReject')/tm1.ExecuteWithReturn?$expand=ErrorLogFile
4000 [1] DEBUG 2021-06-28 07:30:19.065 TM1.HttpRequestBody {"Parameters":[]}
4000 [1] DEBUG 2021-06-28 07:30:19.065 TM1.HttpResponse 202 Accepted
4004 [1] DEBUG 2021-06-28 07:30:19.366 TM1.HttpResponse 201 Created
4004 [1] DEBUG 2021-06-28 07:30:19.366 TM1.HttpResponseBody {"@odata.context":"../$metadata#ibm.tm1.api.v1.ProcessExecuteResult","ProcessExecuteStatusCode":"CompletedWithMessages","ErrorLogFile":{"Filename":"TM1ProcessError_20210628143019_11004004_ItemReject.log"}}
4000 [1] DEBUG 2021-06-28 07:30:20.205 TM1.HttpRequest GET /api/v1/_async('QI01MTUA5JYUM8y-woAjCCkjgcabX')
4000 [1] DEBUG 2021-06-28 07:30:20.207 TM1.HttpResponse 200 OK
4000 [1] DEBUG 2021-06-28 07:30:20.207 TM1.HttpResponseBody HTTP/1.1 201 Created
4000 [1] DEBUG 2021-06-28 07:30:20.347 TM1.HttpRequest GET /api/v1/MessageLogEntries%2F%21delta%28%270%5B4096%5D445379691%4065228%21194259247%27%29?$filter=tolower(replace(Logger,'%20',''))%20eq%20'tm1.process'%20and%20contains(Message,'TM1ProcessError_20210628143019_11004004_ItemReject.log')&$top=1
4000 [1] DEBUG 2021-06-28 07:30:20.348 TM1.HttpResponse 400 Bad Request
4000 [1] DEBUG 2021-06-28 07:30:20.348 TM1.HttpResponseBody {"error":{"code":"63","message":"ObjectSecurityNoAdminRights"}}
Looks like PAW is actually requesting content from the tm1server.log file (not the TM1ProcessError_20210628143019_11004004_ItemReject.log file) and TM1 is telling PAW that the non-admin user doesn't have permission. This makes sense, the user doesn't have permission since they are not admin.
Compare the above to clicking the PAW action button as an Admin in TM1:
536 [] DEBUG 2021-06-28 08:50:36.292 TM1.HttpRequest GET /api/v1/Configuration
536 [2] DEBUG 2021-06-28 08:50:36.453 TM1.HttpResponse 200 OK
536 [2] DEBUG 2021-06-28 08:50:36.453 TM1.HttpResponseBody {"@odata.context":"$metadata#Configuration","ServerName":"Planning Sample","AdminHost":"","ProductVersion":"11.8.00600.6","PortNumber":12345,"ClientMessagePortNumber":60526,"HTTPPortNumber":12354,"IntegratedSecurityMode":false,"SecurityMode":"CAM","PrincipalName":"","SecurityPackageName":"","ClientCAMURIs":[],"WebCAMURI":"http://rescind1.fyre.ibm.com:9300/bi/v1/disp?b_action=xts.run&m=portal/bridge.xts&c_env=portal/variables_TM1.xml&c_mode=mixed&c_cmd=","ClientPingCAMPassport":900,"ServerCAMURI":"","AllowSeparateNandCRules":false,"DistributedOutputDir":"","DisableSandboxing":false,"JobQueuing":false,"ForceReevaluationOfFeedersForFedCellsOnDataChange":false,"DataBaseDirectory":"c:\\ibm\\models\\plansamp\\data","UnicodeUpperLowerCase":true}
536 [2] DEBUG 2021-06-28 08:50:36.462 TM1.HttpRequest GET /api/v1/TailMessageLog%28%29
536 [2] DEBUG 2021-06-28 08:50:36.464 TM1.HttpResponse 200 OK
536 [2] DEBUG 2021-06-28 08:50:36.464 TM1.HttpResponseBody {"@odata.context":"$metadata#","value":"MessageLogEntries/!delta('0[4096]445379691@65545!3335516765')"}
536 [2] DEBUG 2021-06-28 08:50:36.471 TM1.HttpRequest POST /api/v1/Processes('ItemReject')/tm1.ExecuteWithReturn?$expand=ErrorLogFile
536 [2] DEBUG 2021-06-28 08:50:36.474 TM1.HttpRequestBody {"Parameters":[]}
536 [2] DEBUG 2021-06-28 08:50:36.474 TM1.HttpResponse 202 Accepted
1928 [2] DEBUG 2021-06-28 08:50:36.736 TM1.HttpResponse 201 Created
1928 [2] DEBUG 2021-06-28 08:50:36.736 TM1.HttpResponseBody {"@odata.context":"../$metadata#ibm.tm1.api.v1.ProcessExecuteResult","ProcessExecuteStatusCode":"CompletedWithMessages","ErrorLogFile":{"Filename":"TM1ProcessError_20210628155036_48501928_ItemReject.log"}}536 [2] DEBUG 2021-06-28 08:50:37.625 TM1.HttpRequest GET /api/v1/_async('RI01MTUA5JYUMJQg2tb8leIFcCwM9')536 [2] DEBUG 2021-06-28 08:50:37.626 TM1.HttpResponse 200 OK536 [2] DEBUG 2021-06-28 08:50:37.626 TM1.HttpResponseBody HTTP/1.1 201 Created536 [2] DEBUG 2021-06-28 08:50:37.832 TM1.HttpRequest GET /api/v1/MessageLogEntries%2F%21delta%28%270%5B4096%5D445379691%4065545%213335516765%27%29?$filter=tolower(replace(Logger,'%20',''))%20eq%20'tm1.process'%20and%20contains(Message,'TM1ProcessError_20210628155036_48501928_ItemReject.log')&$top=1536 [2] DEBUG 2021-06-28 08:50:37.833 TM1.HttpResponse 200 OK536 [2] DEBUG 2021-06-28 08:50:37.833 TM1.HttpResponseBody {"@odata.context":"../$metadata#MessageLogEntries/$delta","value":[{"ID":2,"ThreadID":1928,"SessionID":2,"Level":"Info","TimeStamp":"2021-06-28T08:50:36.733Z","Logger":"TM1.Process","Message":"Process \"ItemReject\": finished executing normally. Check new message in the file: <TM1ProcessError_20210628155036_48501928_ItemReject.log>"}]}536 [2] DEBUG 2021-06-28 08:50:37.843 TM1.HttpRequest GET /api/v1/MessageLogEntries%2F%21delta%28%270%5B4096%5D445379691%4065545%213335516765%27%29?$filter=ThreadID%20eq%201928.0%20and%20SessionID%20eq%202.0&$top=200536 [2] DEBUG 2021-06-28 08:50:37.844 TM1.HttpResponse 200 OK536 [2] DEBUG 2021-06-28 08:50:37.844 TM1.HttpResponseBody {"@odata.context":"../$metadata#MessageLogEntries/$delta","value":[{"ID":3,"ThreadID":1928,"SessionID":2,"Level":"Info","TimeStamp":"2021-06-28T08:50:36.475Z","Logger":"TM1.Process","Message":"Process \"ItemReject\" executed by user \"cjp/stuart\""},{"ID":4,"ThreadID":1928,"SessionID":2,"Level":"Info","TimeStamp":"2021-06-28T08:50:36.733Z","Logger":"TM1.Process","Message":"Process \"ItemReject\": finished executing normally. Check new message in the file: <TM1ProcessError_20210628155036_48501928_ItemReject.log>"}]}536 [2] DEBUG 2021-06-28 08:50:37.996 TM1.HttpRequest GET /api/v1/ErrorLogFiles('TM1ProcessError_20210628155036_48501928_ItemReject.log')/Content536 [2] DEBUG 2021-06-28 08:50:38.003 TM1.HttpResponse 200 OK
536 [2] DEBUG 2021-06-28 08:50:38.003 TM1.HttpResponseBody "FY 2004 Budget","UK","Direct","Sales","local","input","Jan-2004","315512.69",Data Source line (1) Error: Data procedure line (8): Stuarts error
Not sure why PAW is doing all the stuff in red in this situation. Given the initial response when clicking the action button I believe that we skip trying to read the tm1server.log and go straight to reading the TI process log (which I believe should work as a non-admin).
In summary, I think there is a defect here, or we are just not being clever about how we use the ODATA API. I share my findings with development and support.
*** Edit - I've confirmed the ErrorLogFiles API endpoint is expected to return an empty response to non-admins. So, I'm not sure this issue is really a defect. However, there is some room for improvement. We will look into custom return messages for TI process success and failure. As an enhancement, I would like to be able to configure custom response messages in both Planning Analytics Workspace (the action button config UI) and in the TI process as string variables.
------------------------------
Stuart King
IBM Planning Analytics Offering Manager
------------------------------
Original Message:
Sent: Fri June 25, 2021 03:15 AM
From: Mark Wragg
Subject: ItemReject not returning message in PAW for non Admin users
Hi Joseph,
It isn't just me experiencing this issue.
A number of people, both inside and outside my organisation are having the issue too.
Moreover, when I raised this with IBM support they responded as follows:
"The issue has been reproduced in PAW 63 and I will log a defect investigation for it"
Be interested to see how IBM have responded to Scott's PMR too
regards,
Mark
------------------------------
Mark Wragg
Original Message:
Sent: Thu June 24, 2021 05:59 AM
From: Joseph GRANDCHAMP
Subject: ItemReject not returning message in PAW for non Admin users
Hello Mark,
We do use itemreject messages with PAW on cloud and no problem for normal user to get messages.
It is maybe related to your browser or something else but not a bug I know.
Regards
------------------------------
Joseph GRANDCHAMP
Original Message:
Sent: Thu June 24, 2021 04:47 AM
From: Mark Wragg
Subject: ItemReject not returning message in PAW for non Admin users
Hi Scott,
thanks for the feedback.
not sure what you mean by ID but the ticket number for the case I raised with IBM is TS005875461.
regards,
Mark
------------------------------
Mark Wragg
Original Message:
Sent: Thu June 24, 2021 04:36 AM
From: Scott Wiltshire
Subject: ItemReject not returning message in PAW for non Admin users
@Mark Wragg we have the same issue with a custom web application using the Rest API. I therefore don't believe it is PAW related but rather a restriction or bug in the TM1 Rest API itself. If you raised a PMR can you please reply the ID here so we can cross reference with our ticket?
------------------------------
Scott Wiltshire
Original Message:
Sent: Thu June 10, 2021 12:16 PM
From: Mark Wragg
Subject: ItemReject not returning message in PAW for non Admin users
Hi,
In PAW version 63 the following was apparently resolved:
------------------------------
Mark Wragg
------------------------------
#PlanningAnalyticswithWatson