Get started
We are having lots of fun on Discord. Come and join us!
Star on GitHub 45.1K Get started
Back

Execute access for functions not working

  • 0
  • Teams
  • Functions
View on Discord
mav8rick
23 Aug, 2023, 00:45

Hi guys, I want to restrict the execution access to a function I have created to a team and to a user. I have read other posts on this suggesting that setting the async flag to false may help but it didn't in my case:

TypeScript
    session.then(function (response) {
        console.log(response); // Success
        const functions = new Functions(client);
    
        const promise = functions.createExecution('64e459b015c232d2e51d',undefined, false);  
        
        promise.then(function (response) {
            console.log(response); // Success
        }, function (error) {
            console.log(error); // Failure
        });
    }, function (error) {
        console.log(error); // Failure
    });

Based on the errors, it seems like Appwrite only accepts "any" and "guests" for Execute Access:

TypeScript
AppwriteException: Missing "execute" permission for role "user:007". Only "["any","guests"]" scopes are allowed and "["users","user:007"]" was given.
    at Client.<anonymous> (file:///D:/repo/test_appwrite/node_modules/appwrite/dist/esm/sdk.js:391:27)
    at Generator.next (<anonymous>)
    at fulfilled (file:///D:/repo/test_appwrite/node_modules/appwrite/dist/esm/sdk.js:22:58)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
  code: 401,
  type: 'user_unauthorized',
  response: {
    message: 'Missing "execute" permission for role "user:007". Only "["any","guests"]" scopes are allowed and "["users","user:007"]" was given.',
    code: 401,
    type: 'user_unauthorized',
    version: '1.3.7'
  }
}

Anything else I can try?

TL;DR
Issue: The user is experiencing an issue with execute access for functions not working. They are trying to restrict the execution access to a specific team and user, but it's not working as expected. The error message indicates that only "any" and "guests" scopes are allowed for execute access, but the user is providing a different scope. Solution: The user should check if they are executing the correct function and if the error matches the permissions. They can also try setting the async flag to false in the function code.
Drake
23 Aug, 2023, 01:14

Are you sure you're executing the right function? The error doesn't seem to match up with the permissions

mav8rick
23 Aug, 2023, 02:02

Yes, I am sure because if I change the permission to "Any" the function runs OK:

TypeScript
{
  '$id': '64e5687e0f089f7fd1f2',
  '$createdAt': '2023-08-23T02:01:34.061+00:00',
  '$updatedAt': '2023-08-23T02:01:39.458+00:00',
  '$permissions': [],
  functionId: '64e459b015c232d2e51d',
  trigger: 'http',
  status: 'completed',
  statusCode: 200,
  response: '{"areDevelopersAwesome":true,"thisIsNew":true}',
  stdout: '',
  stderr: '',
  duration: 0.11366391181945801
}
Drake
23 Aug, 2023, 02:25

Any idea where 007 is coming from?

Can you call account.get() before executing the function to see what the output is?

mav8rick
23 Aug, 2023, 04:10

'007' is the userID I manually assigned to the user.

mav8rick
24 Aug, 2023, 02:27

I am closing this issue: the context was that I want to create a function that would execute "on behalf" of a user and obviously during development, I would do createsEmailSession inside the function as a start etc. and this don't seem to work inside the function. My account.get() always throws inside the function but obviously from web client code, it's OK.

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more