The current user is not authorized to perform the requested action / 'Permissions must be one of....
Angular / REST for Database / SDK for Auth Appwrite 1.3.1
Hello π
I've been trying to do this for a few hours, but unfortunately I can't get it to work. I used to have a project entirely through the Appwrite SDK, but now I want to do all database actions through REST.
The get Methods works. But the post/patch dont.
Here is one example:
updateIngredient(ingredient: Ingredient) {
const collectionId = '630f4c60cfef19f89bf6';
return this.http.patch(
`${this.baseUrl}/databases/${this.databaseId}/collections/${collectionId}/documents/${ingredient.$id}`,
{
'data': {
'name': ingredient.name,
'namePlural': ingredient.namePlural
},
'permissions': ['write("any")']
},
{headers: this.headers}
).pipe(
finalize(() => console.log('updateIngredient ' + ingredient.name + ' success'))
)
}
``` So, with any it works.
But if i want to use a user: ```ts updateIngredient(ingredient: Ingredient) {
const collectionId = '630f4c60cfef19f89bf6';
return this.http.patch(
`${this.baseUrl}/databases/${this.databaseId}/collections/${collectionId}/documents/${ingredient.$id}`,
{
'data': {
'name': ingredient.name,
'namePlural': ingredient.namePlural
},
'permissions': ['write("user:630f4a50d9371ce4576d")']
},
{headers: this.headers}
).pipe(
finalize(() => console.log('updateIngredient ' + ingredient.name + ' success'))
)
}``` I get this error:
data-dialog.component.ts:57 ERROR
HttpErrorResponse {headers: HttpHeaders, status: 401, statusText: 'OK', url: 'https://appwrite.krach.ist-im-netz.at/v1/databasesβ¦0f4c60cfef19f89bf6/documents/6320b5d918defba35028', ok: false, β¦}
error
:
{message: 'Permissions must be one of: (any, guests)', code: 401, type: 'user_unauthorized', version: '1.3.1'}
headers
:
HttpHeaders {normalizedNames: Map(0), lazyUpdate: null, lazyInit: Ζ}
message
:
"Http failure response for https://appwrite.krach.ist-im-netz.at/v1/databases/630f4596b5440bd5a44a/collections/630f4c60cfef19f89bf6/documents/6320b5d918defba35028: 401 OK"
name
:
"HttpErrorResponse"
ok
:
false
status
:
401
statusText
:
"OK"
url
:
"https://appwrite.krach.ist-im-netz.at/v1/databases/630f4596b5440bd5a44a/collections/630f4c60cfef19f89bf6/documents/6320b5d918defba35028"
[[Prototype]]
:
HttpResponseBase
As can be seen in the picture above, the user has the permissions.
And the user has an active session
Hm, it works with any and guests. So, there must be a user_unauthorized issue
but i can login/logout and the angular guards works also good with appwrite session-checks
Hm. I have to send the cookie? I get that from the Response.Headers. But since I want to do the Auth stuff via Sdk, I can't get there?! Maybe not a good idea to use SDK and REST together in one project?
Okay, i will create a JwtToken and send it as X-Appwrite-JWT in the REST call. Maybe...
This was the issue
private headers = new HttpHeaders()
.set('Content-Type', 'application/json')
.set('X-Appwrite-Response-Format', '1.0.0')
.set('X-Appwrite-Project', 'ngchat')
updateIngredient(ingredient: Ingredient) {
const collectionId = '630f4c60cfef19f89bf6';
if (this.jwtToken) this.headers = this.headers.set('X-Appwrite-JWT', this.jwtToken);
return this.http.patch(
`${this.baseUrl}/databases/${this.databaseId}/collections/${collectionId}/documents/${ingredient.$id}`,
{
'data': {
'name': ingredient.name,
'namePlural': ingredient.namePlural
},
'permissions': ['write(\"users\")']
},
{
headers: this.headers
}
).pipe(
finalize(() => console.log('updateIngredient ' + ingredient.name + ' success'))
)
}
Why don't you want to use the SDK?
