Start a new topic
Answered

Error while saving to an existing entity.

I fetched the object from the backend, but when I modify it and try to save it again it always gives me this error: 


The credentials used to authenticate this request are not authorized to run this operation. Please retry your request with appropriate credentials


But if I change the entityID it will create a new object and save it without a problem. is there a way to fix this?


Best Answer

Hi Ben,


This seems like an error with collection level permissions.


My best guess is that you are facing this error due to following scenario: Collection is in shared mode where the logged in user can fetch/view all objects but can modify only the objects created by the logged in user. And logged in user (say A) is trying to modify object created through the console (with master credentials) or by another user (say B).


If you create an object with the logged in user and then, try to modify using the same user, then it should work.


Additionally, this document can help you with setting up and managing access permissions and security: http://devcenter.kinvey.com/rest/guides/security



Regards,

Wani

Kinvey Support


Your previous post answered the question. I had switched the position for the wrong collection and I had relished that right after I posted that. Sorry for the inconvenience.

Hi Ben,


Can you tell me about the use case? What's the collection for? Who is supposed to have permissions for read/write? What's the current collection level permissions setting?


Answers to above questions will help me suggest you the best possible approach to set up collections and access control.


The global read/write permissions can be set while creating the object and they can be edited later as well.



Regards,

Wani

Hi Wani,


User A is able to modify the object but then User B is unable to. I have read the article you posted and added this into my code while creating the object:


group.metadata?.setGloballyWritable(true)

group.metadata?.setGloballyReadable(true)


Are you supposed to put it when you create the object and save it into the server or is there another place to put it? Also is there another thing that may be wrong with the code?



Answer

Hi Ben,


This seems like an error with collection level permissions.


My best guess is that you are facing this error due to following scenario: Collection is in shared mode where the logged in user can fetch/view all objects but can modify only the objects created by the logged in user. And logged in user (say A) is trying to modify object created through the console (with master credentials) or by another user (say B).


If you create an object with the logged in user and then, try to modify using the same user, then it should work.


Additionally, this document can help you with setting up and managing access permissions and security: http://devcenter.kinvey.com/rest/guides/security



Regards,

Wani

Kinvey Support

Login or Signup to post a comment