[SOLVED] The current user is not authorized to perform the requested action

After signing up with email I'm trying to create new document - Profile to be more precise. It contains the username and user id. I don't really understand why there's any issue at all — Collection profiles has create permission set to all users.

What exactly are the permissions? Maybe share a screenshot

My goal is to create profile document with user.id when user managed to successfully register an account.

Preferably I'd like to allow this user to edit created profile later, and all guest & authenticated users should be able to read it.

At the moment, it fails to create the document.

Therefore additional permissions are a future goal.

Not sure why creation is failing, but for other permissions, when creating the Document, you can set custom permissions on it, as long as you turn on Document security

I've managed to "solve" this by calling account.createEmailSession after creating an account. Is it the expected behaviour, that creating an account doesn't automatically return new session?

Yes, it's the expected behavior, the flow at this moment, requires to call createEmailSession to have one. Maybe you can create a new issue to discuss this behavior with the community

Glad to hear that. Thanks for clarifying!

[SOLVED] The current user is not authorized to perform the requested action

The current user is not authorized to perform the requested action

I thought that the issue is solved but unfortunately no.

When creating Profile Document, this is the error I get: Permissions must be one of: (any, users, user:1CD7E806-E117-4ED4-B15E-7BEFC1316D80, user:1CD7E806-E117-4ED4-B15E-7BEFC1316D80/unverified, users/unverified)

and here's the code for creating document:

func createProfile(for userID: String, username: String) async throws {
        _ = try await create(
            Profile.self,
            collectionID: CollectionType.profiles.rawValue,
            documentID: UUID().uuidString,
            data: [
                "userID": userID,
                "username": username
            ],
            permissions: [
                Permission.update(Role.user(userID)),
                Permission.read(Role.users()),
                Permission.read(Role.guests())
            ]
        )
    }

My understanding of Permissions & Document Security is that I can set global rules via Permissions in Collection settings — in this case it's the all users can create Profile documents

permissions: [
                Permission.update(Role.user(userID)),
                Permission.read(Role.users()),
                Permission.read(Role.guests())
            ]

should declare Permissions (Document Security) rules for this single document, right?

Do I need to specify in the Collection Permissions that every document should be accessible to read for guests and all users?

If I pass null value to permissions in create function, it automatically creates the Permission for read / delete / update and create with correct user id

Ok, it looks like setting Role.guests was the issue. Removing this line solved the issue. I find it odd that according to some answers in the support channel, user can only set permissions for all users or any, but not guests.

[SOLVED] The current user is not authorized to perform the requested action