Problem deleting & attaching files to items
Answered
Hi,
I am trying to delete and attach files using the PHP client and app authorization.
In the docs, these operations are listed as possible, but I get the following type of error:
The app with id ..... does not have the right add_file on item with id .....
The app with id ..... does not have the right delete on file with id .....
I have re-checked all the IDs: app, item & file. In fact for the delete operation, I authenticate using app authentication, get the item and list it's files, then try to delete the file using the file ID directly. I have checked that it is using a valid file ID and that the file is attached to the specified item and that the item is in the specified app.
The only possibility I can see is that the item was originally created using server-side authentication. The file I am trying to delete was uploaded and attached in the same way. Is this the problem? If so, is there any way to work around it?
The goal is to have an automated update system, so app authorization is what I need.
-
The way you should think about app authentication, is that when you are authenticated as an app, you can act like a regular user with access to only this app. As opposed to admin users, regular users cannot delete items, files and other content not created by themselves. They can only delete things they have created themselves.
For this reason, when using app authentication, you can only delete items you have created while authenticated as the app.
For the problem about not being allowed to add a file to an item, if you are sure the item is indeed in the app you are authenticated as, check that the box that allow users to add files is not unchecked in the advanced settings when editing the app. When authenticated as an app, you follow the same rules as regular users.
-
A work around you can use is to add a user to the app solely for the use of your own software. Make that user a space admin and authenticate with user authentication. Then you will have full access to edit and delete everything in the space from your code.
-
Hi,
This post helped me determine whether regular (or light) users can delete files without having to test it.
I recommend adding that information to the following help item since it did not discuss deletion of "files and other content", but only "items".
Member roles in workspaces
Perhaps the two entries below related to deletion of content can be edited (with the bold information) - if it is correct, of course. I also recommend clarifying what "other content" can (or cannot) be deleted, especially since regular and light users can edit any item field, which includes deletions, such as relationships and information in text fields. However, can image files be deleted? (I think they can.)
Delete others' app items and files and other content
(if the user is creator of the app)and
Delete others' app items and files and other content
I have important use cases where I want to give delete access to some people for some things (like files), but not Admin access because I don't want them deleting items - especially those having relationships created by flows that the users might not have knowledge of.
I also don't want regular or light users deleting items that they created themselves because those might have the same issue.
Please sign in to leave a comment.
Comments
7 comments