fix(api): separate user preferences and search mutations from org read by dcramer · Pull Request #113121 · getsentry/sentry

dcramer · 2026-04-15T21:25:41Z

Split first-party user-owned state and saved-search mutation flows out of readonly organization and member scopes.

Previously, endpoints for personal state such as project bookmarking, dashboard starring, onboarding task state, recent searches, starred saved queries, starred search views, search-view order / visit state, and similar flows were reachable through readonly scopes like org:read or member:read. Saved search and custom view mutation also accepted org:read on write methods. That meant readonly API tokens could mutate personal or search state.

After this change, user-owned state moves to user:preferences, saved search and custom view mutation moves to org:searches, and feature flag webhook secret management moves to flags:write. org:write and org:admin continue to imply org:searches, but user:preferences and flags:write are treated as first-party / direct-token capabilities rather than general third-party app scopes.

This PR also updates app grant flows so user:preferences and flags:write are not requestable by OAuth apps or Sentry Apps. The intent is to keep those capabilities available for session-driven and direct token flows without presenting them as normal external app permissions.

ProjectDetailsEndpoint is split along the same line: bookmark updates are treated as user:preferences, while project-wide behavior changes require project:write.

Refs getsentry/getsentry#19897

Move user-owned state and saved-search mutation flows onto dedicated scopes. Previously, endpoints for bookmarks, starred state, onboarding progress, recent searches, and saved-search mutations could be reached with readonly org or member scopes, and those scopes were also requestable by third-party apps. Add user:preferences, org:searches, and flags:write, move the affected endpoints onto those scopes, and block the personal-only scopes from OAuth and Sentry App grant flows. Co-Authored-By: OpenAI Codex <noreply@openai.com>

cursor

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 7cc0772. Configure here.}

cursor · 2026-04-15T21:32:10Z

            "event:write",
            "event:admin",
+            "org:searches",
+            "user:preferences",


Member role has flags:write but admin role does not

Medium Severity

The member role includes flags:write directly, but the (retired) admin role does not, and the admin role lacks any scope (like org:write) that would grant flags:write through the hierarchy. This creates a privilege inversion where a lower-privileged member can manage flag webhook signing secrets but a higher-privileged admin cannot. The admin role's scopes need flags:write added for consistency.

Additional Locations (1)

src/sentry/conf/server.py#L1996-L2014

^{Reviewed by Cursor Bugbot for commit 7cc0772. Configure here.}

github-actions · 2026-04-15T21:39:51Z

Backend Test Failures

Failures on b4cf69d in this run:

tests/sentry/core/endpoints/test_organization_member_details.py::UpdateOrganizationMemberTest::test_can_update_from_retired_role_without_flag

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_details.py:665: in test_can_update_from_retired_role_without_flag
    self.get_success_response(self.organization.slug, member_om.id, role="member")
src/sentry/testutils/cases.py:636: in get_success_response
    assert_status_code(response, status.HTTP_200_OK)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=400, "application/json">
E   assert 400 < 201
E    +  where 400 = <Response status_code=400, "application/json">.status_code

tests/sentry/core/endpoints/test_organization_member_invite_index.py::OrganizationMemberInvitePostTest::test_simple — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_invite_index.py:215: in test_simple
    response = self.get_success_response(self.organization.slug, **data)
src/sentry/testutils/cases.py:641: in get_success_response
    assert_status_code(response, 200, 300)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=400, "application/json">
E   assert 400 < 300
E    +  where 400 = <Response status_code=400, "application/json">.status_code

tests/sentry/core/endpoints/test_organization_member_details.py::UpdateOrganizationMemberTest::test_cannot_update_to_retired_role_with_flag

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_details.py:712: in test_cannot_update_to_retired_role_with_flag
    self.get_error_response(self.organization.slug, member_om.id, role="admin", status_code=400)
src/sentry/testutils/cases.py:663: in get_error_response
    assert_status_code(response, status_code)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=403, "application/json">
E   assert 403 < 401
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsDeleteTest::test_allow_delete_when_no_project_access

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:725: in test_allow_delete_when_no_project_access
    assert response.status_code == 204
E   assert 403 == 204
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_add_text_widget_description_exceeds_max_length

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:1331: in test_add_text_widget_description_exceeds_max_length
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_add_widget_with_aggregates_and_columns

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:1251: in test_add_widget_with_aggregates_and_columns
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_update_dashboard_permissions_with_none_does_not_create_permissions_object

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:3024: in test_update_dashboard_permissions_with_none_does_not_create_permissions_object
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_update_dashboard_with_widget_filter_requiring_environment

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:2683: in test_update_dashboard_with_widget_filter_requiring_environment
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_update_widget_title

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:1718: in test_update_widget_title
    assert response.status_code == 200
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_update_without_specifying_layout_does_not_change_saved_layout

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:2259: in test_update_without_specifying_layout_does_not_change_saved_layout
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/flags/endpoints/test_secrets.py::OrganizationFlagsWebHookSigningSecretEndpointTestCase::test_delete_other_organization

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/flags/endpoints/test_secrets.py:310: in test_delete_other_organization
    assert response.status_code == 404
E   assert 403 == 404
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/core/endpoints/test_organization_member_details.py::UpdateOrganizationMemberTest::test_can_update_member_membership

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_details.py:494: in test_can_update_member_membership
    self.get_success_response(self.organization.slug, member_om.id, role="manager")
src/sentry/testutils/cases.py:636: in get_success_response
    assert_status_code(response, status.HTTP_200_OK)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=403, "application/json">
E   assert 403 < 201
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/core/endpoints/test_organization_projects_experiment.py::OrganizationProjectsExperimentCreateTest::test_exceed_unique_team_slug_attempts

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_projects_experiment.py:74: in test_exceed_unique_team_slug_attempts
    response = self.get_error_response(self.organization.slug, name=self.p1, status_code=409)
src/sentry/testutils/cases.py:663: in get_error_response
    assert_status_code(response, status_code)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=403, "application/json">
E   assert 409 <= 403
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/core/endpoints/test_team_projects.py::TeamProjectsCreateTest::test_create_with_project_create_token — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_team_projects.py:243: in test_create_with_project_create_token
    assert response.status_code == 201, response.content
E   AssertionError: b'{"detail":"You do not have permission to perform this action."}'
E   assert 403 == 201
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_add_issue_widget_invalid_query

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:2450: in test_add_issue_widget_invalid_query
    assert response.status_code == 400, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 400
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/core/endpoints/test_team_projects.py::TeamProjectsCreateTest::test_default_rules — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_team_projects.py:138: in test_default_rules
    response = self.get_success_response(
src/sentry/testutils/cases.py:629: in get_success_response
    assert_status_code(response, status_code)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=403, "application/json">
E   assert 403 < 202
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_add_widget_with_invalid_limit_above_maximum

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:1419: in test_add_widget_with_invalid_limit_above_maximum
    assert response.status_code == 400, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 400
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/core/endpoints/test_team_projects.py::TeamProjectsCreateTest::test_generated_slug_not_entirely_numeric — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_team_projects.py:93: in test_generated_slug_not_entirely_numeric
    response = self.get_success_response(
src/sentry/testutils/cases.py:629: in get_success_response
    assert_status_code(response, status_code)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=403, "application/json">
E   assert 403 < 202
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_create_widget_with_axis_range

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:2103: in test_create_widget_with_axis_range
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_deletes_widget_with_field_links

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:3542: in test_deletes_widget_with_field_links
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_partial_reordering_deletes_widgets

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:2368: in test_partial_reordering_deletes_widgets
    assert response.status_code == 200
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_update_widget_reorder_queries

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:1818: in test_update_widget_reorder_queries
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/flags/endpoints/test_secrets.py::OrganizationFlagsWebHookSigningSecretsEndpointTestCase::test_post_statsig — log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/flags/endpoints/test_secrets.py:97: in test_post_statsig
    assert response.status_code == 201, response.content
E   AssertionError: b'{"detail":"You do not have permission to perform this action."}'
E   assert 403 == 201
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/auth/test_access.py::FromUserTest::test_enforce_upper_bound_scope — log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/auth/test_access.py:497: in test_enforce_upper_bound_scope
    assert not result.has_team_scope(team, "team:write")
E   AssertionError: assert not True
E    +  where True = <bound method DbAccess.has_team_scope of OrganizationMemberAccess(sso_is_valid=True, requires_sso=False, has_open_memb...OrganizationMember at 0x7f9b8b7d9630: id=69, organization_id=4557974211198992, user_id=92, email=None, role='member'>)>(<Team at 0x7f9b7eda1db0: id=4557974211198992, name='Fond Rodent', slug='fond-rodent'>, 'team:write')
E    +    where <bound method DbAccess.has_team_scope of OrganizationMemberAccess(sso_is_valid=True, requires_sso=False, has_open_memb...OrganizationMember at 0x7f9b8b7d9630: id=69, organization_id=4557974211198992, user_id=92, email=None, role='member'>)> = OrganizationMemberAccess(sso_is_valid=True, requires_sso=False, has_open_membership=False, has_global_access=True, sco...<OrganizationMember at 0x7f9b8b7d9630: id=69, organization_id=4557974211198992, user_id=92, email=None, role='member'>).has_team_scope

tests/sentry/core/endpoints/test_organization_projects_experiment.py::OrganizationProjectsExperimentCreateTest::test_disable_member_project_creation

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_projects_experiment.py:280: in test_disable_member_project_creation
    assert response.data["detail"] == DISABLED_FEATURE_ERROR_STRING
E   AssertionError: assert ErrorDetail(s...ssion_denied') == 'Your organiz... for members.'
E     
E     - Your organization has disabled this feature for members.
E     + You do not have permission to perform this action.

tests/sentry/core/endpoints/test_organization_projects_experiment.py::OrganizationProjectsExperimentCreateTest::test_member_does_not_exist

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_projects_experiment.py:263: in test_member_does_not_exist
    assert response.data == {
E   AssertionError: assert {'detail': Er...sion_denied')} == {'detail': 'Y...a Team Admin'}
E     
E     Differing items:
E     {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')} != {'detail': 'You must be a member of the organization to join a new team as a Team Admin'}
E     
E     Full diff:
E       {
E     +     'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied'),
E     -     'detail': 'You must be a member of the organization to join a new team as a Team '
E     -     'Admin',
E       }

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_reorder_widgets_has_no_effect

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:2192: in test_reorder_widgets_has_no_effect
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardFavoriteTest::test_unfavorite_dashboard

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:4725: in test_unfavorite_dashboard
    assert response.status_code == 204
E   assert 403 == 204
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardFavoriteReorderingTest::test_favorite_dashboard_no_dashboard_edit_access

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:4865: in test_favorite_dashboard_no_dashboard_edit_access
    assert response.status_code == 204
E   assert 403 == 204
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/integrations/api/endpoints/test_organization_code_mapping_details.py::OrganizationCodeMappingDetailsTest::test_non_project_member_permissions

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/integrations/api/endpoints/test_organization_code_mapping_details.py:81: in test_non_project_member_permissions
    assert response.status_code == status.HTTP_200_OK
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code
E    +  and   200 = status.HTTP_200_OK

tests/sentry/integrations/slack/webhooks/actions/test_status.py::StatusActionTest::test_rejected_invite_request — log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/integrations/slack/webhooks/actions/test_status.py:1276: in test_rejected_invite_request
    assert not OrganizationMember.objects.filter(id=member.id).exists()
E   AssertionError: assert not True
E    +  where True = <bound method QuerySet.exists of <BaseQuerySet [<OrganizationMember at 0x7f9b996c8130: id=243, organization_id=4557974203793424, user_id=None, email='hello@sentry.io', role='member'>]>>()
E    +    where <bound method QuerySet.exists of <BaseQuerySet [<OrganizationMember at 0x7f9b996c8130: id=243, organization_id=4557974203793424, user_id=None, email='hello@sentry.io', role='member'>]>> = <BaseQuerySet [<OrganizationMember at 0x7f9b996c8130: id=243, organization_id=4557974203793424, user_id=None, email='hello@sentry.io', role='member'>]>.exists
E    +      where <BaseQuerySet [<OrganizationMember at 0x7f9b996c8130: id=243, organization_id=4557974203793424, user_id=None, email='hello@sentry.io', role='member'>]> = <bound method QuerySet.filter of <sentry.db.models.manager.base.OrganizationMemberManager object at 0x7f9ba2dd0980>>(id=243)
E    +        where <bound method QuerySet.filter of <sentry.db.models.manager.base.OrganizationMemberManager object at 0x7f9ba2dd0980>> = <sentry.db.models.manager.base.OrganizationMemberManager object at 0x7f9ba2dd0980>.filter
E    +          where <sentry.db.models.manager.base.OrganizationMemberManager object at 0x7f9ba2dd0980> = OrganizationMember.objects
E    +        and   243 = <OrganizationMember at 0x7f9b6bed0750: id=243, organization_id=4557974203793424, user_id=None, email='hello@sentry.io', role='member'>.id

tests/sentry/api/endpoints/test_project_repo_path_parsing.py::ProjectStacktraceLinkGithubTest::test_member_can_access — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/api/endpoints/test_project_repo_path_parsing.py:308: in test_member_can_access
    assert resp.status_code == 200, resp.content
E   AssertionError: b'{"detail":"You do not have permission to perform this action."}'
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/auth/test_access.py::FromRequestTest__InCellMode::test_superuser_readonly_scopes — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/auth/test_access.py:601: in test_superuser_readonly_scopes
    assert result.scopes == set(member.get_scopes()).union(SUPERUSER_READONLY_SCOPES)
E   AssertionError: assert frozenset({'a...:write', ...}) == {'alerts:read...r:admin', ...}
E     
E     Extra items in the left set:
E     'project:create'
E     'flags:write'
E     
E     Full diff:
E     - {
E     + frozenset({
E           'alerts:read',
E           'alerts:write',
E           'event:admin',
E           'event:read',
E           'event:write',
E     +     'flags:write',
E           'member:admin',
E           'member:invite',
E           'member:read',
E           'member:write',
E           'org:admin',
E           'org:integrations',
E           'org:read',
E           'org:searches',
E           'org:superuser',
E           'org:write',
E           'project:admin',
E           'project:codeowners',
E     +     'project:create',
E           'project:read',
E           'project:releases',
E           'project:write',
E           'team:admin',
E           'team:read',
E           'team:write',
E           'user:preferences',
E     - }
E     + })

tests/sentry/core/endpoints/test_organization_member_invite_index.py::OrganizationMemberInvitePostTest::test_referrer_param

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_invite_index.py:240: in test_referrer_param
    response = self.get_success_response(
src/sentry/testutils/cases.py:641: in get_success_response
    assert_status_code(response, 200, 300)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=400, "application/json">
E   assert 400 < 300
E    +  where 400 = <Response status_code=400, "application/json">.status_code

tests/sentry/core/endpoints/test_organization_member_index.py::OrganizationMemberListTest::test_valid_for_invites — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_index.py:441: in test_valid_for_invites
    self.get_success_response(self.organization.slug, method="post", **data)
src/sentry/testutils/cases.py:641: in get_success_response
    assert_status_code(response, 200, 300)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=400, "application/json">
E   assert 400 < 300
E    +  where 400 = <Response status_code=400, "application/json">.status_code

tests/sentry/core/endpoints/test_team_projects.py::TeamProjectsCreateTest::test_builtin_symbol_sources_unreal — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_team_projects.py:450: in test_builtin_symbol_sources_unreal
    response = self.get_success_response(
src/sentry/testutils/cases.py:629: in get_success_response
    assert_status_code(response, status_code)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=403, "application/json">
E   assert 403 < 202
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_add_big_number_widget_with_equation

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:1199: in test_add_big_number_widget_with_equation
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/core/endpoints/test_team_projects.py::TeamProjectsCreateTest::test_console_platform_not_enabled — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_team_projects.py:615: in test_console_platform_not_enabled
    response = self.get_error_response(
src/sentry/testutils/cases.py:663: in get_error_response
    assert_status_code(response, status_code)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=403, "application/json">
E   assert 403 < 401
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/core/endpoints/test_team_projects.py::TeamProjectsCreateTest::test_simple — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_team_projects.py:65: in test_simple
    response = self.get_success_response(
src/sentry/testutils/cases.py:629: in get_success_response
    assert_status_code(response, status_code)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=403, "application/json">
E   assert 403 < 202
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_add_widget_invalid_interval

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:1631: in test_add_widget_invalid_interval
    assert response.status_code == 400, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 400
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_add_widget_with_invalid_limit_below_minimum

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:1508: in test_add_widget_with_invalid_limit_below_minimum
    assert response.status_code == 400, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 400
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_change_dashboard_title

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:968: in test_change_dashboard_title
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_update_dashboard_with_all_projects

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:2609: in test_update_dashboard_with_all_projects
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsOnDemandTransactionLikeTest::test_ondemand_with_flags

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:4137: in test_ondemand_with_flags
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/flags/endpoints/test_secrets.py::OrganizationFlagsWebHookSigningSecretsEndpointTestCase::test_post_launchdarkly

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/flags/endpoints/test_secrets.py:58: in test_post_launchdarkly
    assert response.status_code == 201, response.content
E   AssertionError: b'{"detail":"You do not have permission to perform this action."}'
E   assert 403 == 201
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/integrations/api/endpoints/test_organization_code_mapping_details.py::OrganizationCodeMappingDetailsTest::test_basic_edit_from_member_permissions

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/integrations/api/endpoints/test_organization_code_mapping_details.py:103: in test_basic_edit_from_member_permissions
    assert resp.status_code == 200
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/snuba/api/endpoints/test_discover_key_transactions.py::TeamKeyTransactionTest::test_delete_key_transaction_no_access_team

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/snuba/api/endpoints/test_discover_key_transactions.py:615: in test_delete_key_transaction_no_access_team
    assert response.status_code == 400, response.content
E   AssertionError: b'{"detail":"You do not have permission to perform this action."}'
E   assert 403 == 400
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/api/endpoints/issues/test_organization_derive_code_mappings.py::OrganizationDeriveCodeMappingsTest::test_post_existing_code_mapping

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/api/endpoints/issues/test_organization_derive_code_mappings.py:322: in test_post_existing_code_mapping
    assert response.status_code == 201, response.content
E   AssertionError: b'{"detail":"You do not have permission to perform this action."}'
E   assert 403 == 201
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/api/endpoints/test_organization_api_key_details.py::OrganizationApiKeyDetailsPut::test_update_api_key_details

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/api/endpoints/test_organization_api_key_details.py:49: in test_update_api_key_details
    assert api_key.get_scopes() == ["org:read", "project:read", "project:write", "team:read"]
E   AssertionError: assert ['org:read', ..., 'team:read'] == ['org:read', ..., 'team:read']
E     
E     At index 1 diff: 'project:codeowners' != 'project:read'
E     Left contains 2 more items, first extra item: 'project:write'
E     
E     Full diff:
E       [
E           'org:read',
E     +     'project:codeowners',
E     +     'project:create',
E           'project:read',
E           'project:write',
E           'team:read',
E       ]

tests/sentry/api/endpoints/test_organization_pinned_searches.py::DeleteOrganizationPinnedSearchTest::test_delete_with_user_preferences_token

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/api/endpoints/test_organization_pinned_searches.py:237: in test_delete_with_user_preferences_token
    self.get_path(self.organization.slug),
E   AttributeError: 'DeleteOrganizationPinnedSearchTest' object has no attribute 'get_path'

tests/sentry/core/endpoints/test_organization_member_index.py::OrganizationMemberListPostTest::test_rate_limited — log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_index.py:942: in test_rate_limited
    self.get_error_response(self.organization.slug, **data, status_code=429)
src/sentry/testutils/cases.py:663: in get_error_response
    assert_status_code(response, status_code)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=400, "application/json">
E   assert 429 <= 400
E    +  where 400 = <Response status_code=400, "application/json">.status_code

tests/sentry/core/endpoints/test_organization_member_details.py::DeleteOrganizationMemberTest::test_related_invitations_are_deleted

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_details.py:1220: in test_related_invitations_are_deleted
    assert OrganizationMember.objects.filter(inviter_id=manager_user.id).count() == 2
E   AssertionError: assert 1 == 2
E    +  where 1 = <bound method QuerySet.count of <BaseQuerySet [<OrganizationMember at 0x7fecd4e39390: id=116, organization_id=4557974212313120, user_id=None, email='foo@example.com', role='member'>]>>()
E    +    where <bound method QuerySet.count of <BaseQuerySet [<OrganizationMember at 0x7fecd4e39390: id=116, organization_id=4557974212313120, user_id=None, email='foo@example.com', role='member'>]>> = <BaseQuerySet [<OrganizationMember at 0x7fecd4e39390: id=116, organization_id=4557974212313120, user_id=None, email='foo@example.com', role='member'>]>.count
E    +      where <BaseQuerySet [<OrganizationMember at 0x7fecd4e39390: id=116, organization_id=4557974212313120, user_id=None, email='foo@example.com', role='member'>]> = <bound method QuerySet.filter of <sentry.db.models.manager.base.OrganizationMemberManager object at 0x7fed097d4980>>(inviter_id=132)
E    +        where <bound method QuerySet.filter of <sentry.db.models.manager.base.OrganizationMemberManager object at 0x7fed097d4980>> = <sentry.db.models.manager.base.OrganizationMemberManager object at 0x7fed097d4980>.filter
E    +          where <sentry.db.models.manager.base.OrganizationMemberManager object at 0x7fed097d4980> = OrganizationMember.objects
E    +        and   132 = <User at 0x7fece5e568b0: id=132>.id

tests/sentry/core/endpoints/test_organization_projects_experiment.py::OrganizationProjectsExperimentCreateTest::test_team_slug_is_slugified

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_projects_experiment.py:137: in test_team_slug_is_slugified
    response = self.get_success_response(self.organization.slug, name=self.p1, status_code=201)
src/sentry/testutils/cases.py:629: in get_success_response
    assert_status_code(response, status_code)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=403, "application/json">
E   assert 403 < 202
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/core/endpoints/test_team_projects.py::TeamProjectsCreateTest::test_create_with_project_write_token — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_team_projects.py:255: in test_create_with_project_write_token
    assert response.status_code == 201, response.content
E   AssertionError: b'{"detail":"You do not have permission to perform this action."}'
E   assert 403 == 201
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/core/endpoints/test_team_projects.py::TeamProjectsCreateTest::test_similarity_project_option_invalid — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_team_projects.py:353: in test_similarity_project_option_invalid
    response = self.get_success_response(
src/sentry/testutils/cases.py:629: in get_success_response
    assert_status_code(response, status_code)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=403, "application/json">
E   assert 403 < 202
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboards.py::OrganizationDashboardsTest::test_post_member_can_create

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboards.py:981: in test_post_member_can_create
    assert response.status_code == 201
E   assert 403 == 201
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_ignores_certain_keys_in_layout

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:2287: in test_ignores_certain_keys_in_layout
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_save_widget_with_custom_measurement_in_equation_tables

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:3119: in test_save_widget_with_custom_measurement_in_equation_tables
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_update_dashboard_with_my_projects_after_setting_all_projects

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:2625: in test_update_dashboard_with_my_projects_after_setting_all_projects
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_update_widget_with_thresholds_and_preferred_polarity

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:1981: in test_update_widget_with_thresholds_and_preferred_polarity
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/integrations/slack/webhooks/actions/test_status.py::StatusActionTest::test_approve_join_request — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/integrations/slack/webhooks/actions/test_status.py:1255: in test_approve_join_request
    assert member.invite_status == InviteStatus.APPROVED.value
E   AssertionError: assert 2 == 0
E    +  where 2 = <OrganizationMember at 0x7fecd642b690: id=283, organization_id=4557974204186656, user_id=None, email='hello@sentry.io', role='member'>.invite_status
E    +  and   0 = <InviteStatus.APPROVED: 0>.value
E    +    where <InviteStatus.APPROVED: 0> = InviteStatus.APPROVED

tests/sentry/core/endpoints/test_organization_member_details.py::UpdateOrganizationMemberTest::test_cannot_lower_superior_role

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_details.py:736: in test_cannot_lower_superior_role
    self.get_error_response(self.organization.slug, owner_om.id, role="member", status_code=403)
src/sentry/testutils/cases.py:663: in get_error_response
    assert_status_code(response, status_code)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=400, "application/json">
E   assert 403 <= 400
E    +  where 400 = <Response status_code=400, "application/json">.status_code

tests/sentry/core/endpoints/test_organization_member_index.py::OrganizationMemberListTest::test_invalid_user_for_direct_add

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_index.py:520: in test_invalid_user_for_direct_add
    self.get_success_response(self.organization.slug, method="post", **data)
src/sentry/testutils/cases.py:641: in get_success_response
    assert_status_code(response, 200, 300)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=400, "application/json">
E   assert 400 < 300
E    +  where 400 = <Response status_code=400, "application/json">.status_code

tests/sentry/core/endpoints/test_organization_member_invite_details.py::UpdateOrganizationMemberInviteTest::test_approve_invite

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_invite_details.py:210: in test_approve_invite
    self.get_success_response(self.organization.slug, self.invite_request.id, approve=True)
src/sentry/testutils/cases.py:636: in get_success_response
    assert_status_code(response, status.HTTP_200_OK)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=400, "application/json">
E   assert 400 < 201
E    +  where 400 = <Response status_code=400, "application/json">.status_code

tests/sentry/core/endpoints/test_organization_member_index.py::OrganizationMemberListTest::test_owner_invites — log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_index.py:435: in test_owner_invites
    response = self.get_success_response(self.organization.slug, method="post", **data)
src/sentry/testutils/cases.py:641: in get_success_response
    assert_status_code(response, 200, 300)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=400, "application/json">
E   assert 400 < 300
E    +  where 400 = <Response status_code=400, "application/json">.status_code

tests/sentry/core/endpoints/test_organization_member_invite_index.py::OrganizationMemberInvitePostTest::test_no_teams — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_invite_index.py:229: in test_no_teams
    response = self.get_success_response(self.organization.slug, **data)
src/sentry/testutils/cases.py:641: in get_success_response
    assert_status_code(response, 200, 300)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=400, "application/json">
E   assert 400 < 300
E    +  where 400 = <Response status_code=400, "application/json">.status_code

tests/sentry/core/endpoints/test_organization_projects_experiment.py::OrganizationProjectsExperimentCreateTest::test_without_default_rules

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_projects_experiment.py:165: in test_without_default_rules
    response = self.get_success_response(
src/sentry/testutils/cases.py:629: in get_success_response
    assert_status_code(response, status_code)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=403, "application/json">
E   assert 403 < 202
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_cannot_edit_prebuilt_insights_dashboard_widgets

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:3873: in test_cannot_edit_prebuilt_insights_dashboard_widgets
    assert response.status_code == 409
E   assert 403 == 409
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_update_migrated_spans_widget_reset_changed_reason

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:2157: in test_update_migrated_spans_widget_reset_changed_reason
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_update_prebuilt_dashboard

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:2313: in test_update_prebuilt_dashboard
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_update_widget_with_field_links

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py:3464: in test_update_widget_with_field_links
    assert response.status_code == 200, response.data
E   AssertionError: {'detail': ErrorDetail(string='You do not have permission to perform this action.', code='permission_denied')}
E   assert 403 == 200
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/flags/endpoints/test_secrets.py::OrganizationFlagsWebHookSigningSecretsEndpointTestCase::test_post_generic — log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/flags/endpoints/test_secrets.py:70: in test_post_generic
    assert response.status_code == 201, response.content
E   AssertionError: b'{"detail":"You do not have permission to perform this action."}'
E   assert 403 == 201
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/core/endpoints/test_organization_member_details.py::UpdateOrganizationMemberTest::test_cannot_demote_team_member_to_role_where_team_roles_disabled

— log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_details.py:829: in test_cannot_demote_team_member_to_role_where_team_roles_disabled
    assert (
E   KeyError: 'detail'

tests/sentry/core/endpoints/test_organization_member_index.py::OrganizationMemberListPostTest::test_no_email — log

[gw1] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_organization_member_index.py:856: in test_no_email
    response = self.get_success_response(self.organization.slug, **data)
src/sentry/testutils/cases.py:641: in get_success_response
    assert_status_code(response, 200, 300)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=400, "application/json">
E   assert 400 < 300
E    +  where 400 = <Response status_code=400, "application/json">.status_code

tests/sentry/core/endpoints/test_team_projects.py::TeamProjectsCreateTest::test_invalid_numeric_slug — log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/core/endpoints/test_team_projects.py:82: in test_invalid_numeric_slug
    response = self.get_error_response(
src/sentry/testutils/cases.py:663: in get_error_response
    assert_status_code(response, status_code)
src/sentry/testutils/asserts.py:46: in assert_status_code
    assert minimum <= response.status_code < maximum, response
E   AssertionError: <Response status_code=403, "application/json">
E   assert 403 < 401
E    +  where 403 = <Response status_code=403, "application/json">.status_code

tests/sentry/dashboards/endpoints/test_organization_dashboard_details.py::OrganizationDashboardDetailsPutTest::test_add_categorical_bar_widget_with_valid_limit

— log

[gw0] linux -- Python 3.13.1 /home/runner/work/sentry/sentry/.venv/bin/python3
tests/sentry/dashboards/endpoint

... (truncated due to GitHub comment size limit)

github-actions bot added the Scope: Backend Automatically applied to PRs that change backend components label Apr 15, 2026

cursor bot reviewed Apr 15, 2026

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

fix(api): separate user preferences and search mutations from org read#113121

fix(api): separate user preferences and search mutations from org read#113121
dcramer wants to merge 1 commit intodcramer/fix/api-project-leaf-scopesfrom
dcramer/fix/api-personal-search-scopes

dcramer commented Apr 15, 2026

Uh oh!

cursor bot left a comment

Uh oh!

cursor bot Apr 15, 2026

Uh oh!

github-actions bot commented Apr 15, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

dcramer commented Apr 15, 2026

Uh oh!

cursor bot left a comment

Choose a reason for hiding this comment

Uh oh!

cursor bot Apr 15, 2026

Choose a reason for hiding this comment

Member role has flags:write but admin role does not

Uh oh!

github-actions bot commented Apr 15, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Backend Test Failures

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Member role has `flags:write` but admin role does not

github-actions bot commented Apr 15, 2026 •

edited

Loading