Post

3 followers Follow
0
Avatar

Permission to Update

Hi all,

I would like to know why some Apps, I don't have permission to update by API. I created a item by user in the both apps, and one of them I couldn't update because of permission.

I'm using APP authentication in both of the cases.

Someone can help me?

Bruno Soares Lima Answered

Please sign in to leave a comment.

9 comments

0
Avatar

Hi Bruno

Pretty sure it is because "allow edit" is turned off on the app. If you go and modify the apps, you should see the difference.

If the setting is off, only admins and the user who created the item, can edit it. SInce the app did not create the items (you did), then with this setting off, you would not have the required permission on the item.

Christian

Christian Holm 0 votes
0
Avatar

Hi Christian,

It was exactly that, I changed in my app and now I can change by API.

Thank you.

Bruno Soares Lima 0 votes
0
Avatar

Hey Christian and Andreas...  I have found the error messages coming from the API to be generally pretty criptic... I always try to tell my programmers to not only tell me there was an error, but give the user some suggestion(s) on how to fix the issue.  It might be worth updating this error message to mention this.  Would make the usability of the API much better... thanks!

Patrick Steil 0 votes
0
Avatar

Hey, also, what would be the API to check on this security setting so that we could detect this with the API and warn the user?  

Thanks!

Patrick Steil

http://www.podiotools.com 

Patrick Steil 0 votes
0
Avatar

The app has a 'rights' property you should check. In the new PHP client there's even a convenience method called "can" so you can do things like:

$app = PodioApp::get(123);

if ($app->can('update')) {

// I can edit this app

It will also throw a "PodioAuthorizationError" exception. Just more reasons to jump on the new client.

Andreas Haugstrup Pedersen 0 votes
0
Avatar

Just to make clear: In the old PHP client you can look at the 'rights' property as well, but you don't have the convenience method. I'll leave that example as an exercise for the reader :)

Andreas Haugstrup Pedersen 0 votes
0
Avatar

Hi there - in having a similar problem running into a permission problem with my PUT call to update an item. If I query a GET on the item it says that I have edit privaledges but when sending the PUT call it returns the permissions error. I created the item so it shouldn't be an issue. Am I missing something?

Kyle Ruebsamen 0 votes