Skip to content
Start building
Back

Permissions must be one of: (any, guests)

  • 0
  • Databases
  • Web
View on Discord
Nekxio
8 May, 2024, 16:08

Hello everyone, 👋 I'm currently experiencing a problem with my SvelteKit application. :svelte: I have configured my application to handle user sessions using the Appwrite SDK for Node.js because of SSR. When I try to add or delete documents in my collection from my application, I get the following error: "Permissions must be one of: (any, guests)". I set these security rules for my collection because I want only the right user can read, update, delete

User -> read Document security is enabled

If you need more information or a code, don't hesitate to ask me.

Thank you in advance for your help 😄

TL;DR
Issue: Error message "Permissions must be one of: (any, guests)" when adding or deleting documents due to security rules set in the code. Solution: The error occurs because the specified permissions in the addIdea function are not correctly encapsulated. To fix this, encapsulate the permissions correctly as follows: ``` [ new Permission().setRead(Role.user(idea.userId)), new Permission().setUpdate(Role.user(idea.userId)), new Permission().setDelete(Role.user(idea.userId)) ] ```
Nekxio
8 May, 2024, 16:08

Here's the code :

lib/server/ideas.ts

TypeScript
export const getIdeas = async (): Promise<Idea[]> => {
    try {
        const client = new Client().setEndpoint(APPWRITE_ENDPOINT).setProject(APPWRITE_PROJECT);
        const databases = new Databases(client);

        const ideas = await databases.listDocuments(STARTER_DATABASE_ID, STARTER_COLLECTION_ID);
        return ideas.documents as Idea[];
    } catch (e) {
        ...
    }
    return [];
};

export const addIdea = async (idea: Idea) => {
    try {
        const client = new Client().setEndpoint(APPWRITE_ENDPOINT).setProject(APPWRITE_PROJECT);
        const databases = new Databases(client);

        return databases.createDocument(
            STARTER_DATABASE_ID,
            STARTER_COLLECTION_ID,
            idea.$id,
            {
                userId: idea.userId,
                title: idea.title,
                description: idea.description
            },
            [
                Permission.read(Role.user(idea.userId)),
                Permission.update(Role.user(idea.userId)),
                Permission.delete(Role.user(idea.userId))
            ]
        );
    } catch (e) {
        ...
    }
};

export const deleteIdea = async (id: string) => {
    try {
        const client = new Client().setEndpoint(APPWRITE_ENDPOINT).setProject(APPWRITE_PROJECT);
        const databases = new Databases(client);

        return databases.deleteDocument(STARTER_DATABASE_ID, STARTER_COLLECTION_ID, id);
    } catch (e) {
        ..
    }
};
Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more