Problem deleting & attaching files to items

Hi,

I am trying to delete and attach files using the PHP client and app authorization.

In the docs, these operations are listed as possible, but I get the following type of error:

The app with id ..... does not have the right add_file on item with id .....

The app with id ..... does not have the right delete on file with id .....

I have re-checked all the IDs: app, item & file. In fact for the delete operation, I authenticate using app authentication, get the item and list it's files, then try to delete the file using the file ID directly. I have checked that it is using a valid file ID and that the file is attached to the specified item and that the item is in the specified app.

The only possibility I can see is that the item was originally created using server-side authentication. The file I am trying to delete was uploaded and attached in the same way. Is this the problem? If so, is there any way to work around it?

The goal is to have an automated update system, so app authorization is what I need.

MHT Portal October 08, 2012 10:08 Answered

Please sign in to leave a comment.

7 comments

The way you should think about app authentication, is that when you are authenticated as an app, you can act like a regular user with access to only this app. As opposed to admin users, regular users cannot delete items, files and other content not created by themselves. They can only delete things they have created themselves.

For this reason, when using app authentication, you can only delete items you have created while authenticated as the app.

For the problem about not being allowed to add a file to an item, if you are sure the item is indeed in the app you are authenticated as, check that the box that allow users to add files is not unchecked in the advanced settings when editing the app. When authenticated as an app, you follow the same rules as regular users.

Casper Fabricius October 08, 2012 10:46 0 votes

Thanks Casper, so I will need to delete all my items and re-create them using app authentication, so that app authentication will be able to edit them in the future.

MHT Portal October 09, 2012 04:22 0 votes

No, regular users (and by extension, app authentication) are free to edit _items created by other users, they just can't _delete items they didn't create themselves.

Casper Fabricius October 09, 2012 07:49 0 votes

It would be nice to have an option to grant an app admin rights if I (as an admin!) would like to.

Daniel Srb October 29, 2012 17:36 0 votes

Me too, the app authentication need to have privileges to delete all the itens.

Bruno Soares Lima October 30, 2012 17:29 0 votes

A work around you can use is to add a user to the app solely for the use of your own software. Make that user a space admin and authenticate with user authentication. Then you will have full access to edit and delete everything in the space from your code.

Casper Fabricius October 31, 2012 07:56 0 votes

Hi,

This post helped me determine whether regular (or light) users can delete files without having to test it.

I recommend adding that information to the following help item since it did not discuss deletion of "files and other content", but only "items".

Member roles in workspaces

Perhaps the two entries below related to deletion of content can be edited (with the bold information) - if it is correct, of course. I also recommend clarifying what "other content" can (or cannot) be deleted, especially since regular and light users can edit any item field, which includes deletions, such as relationships and information in text fields. However, can image files be deleted? (I think they can.)

Delete others' app items and files and other content
(if the user is creator of the app)

and

Delete others' app items and files and other content

I have important use cases where I want to give delete access to some people for some things (like files), but not Admin access because I don't want them deleting items - especially those having relationships created by flows that the users might not have knowledge of.

I also don't want regular or light users deleting items that they created themselves because those might have the same issue.

Mark Cannon December 29, 2016 23:20 0 votes