Insufficient Privileges when using token


SELF-SOLVED

I had to change the index name to match the schema and then add all_user_names function to logged-in role. Thanks and apologies to anyone who may have looked into this.

I appreciate that I had this issue previously at:


However, on re-building the db from scratch I have attempted to incorporate the suggestions (including my own) in that thread and currently still have this issue:

I get:

"errors": [
{
"message": "Insufficient privileges to perform the action.",
"extensions": {
"code": "permission denied"

when I run:

query AllUserNames {
allUserNames
}

which uses function all_user_names:

{
  name: "all_user_names",
  role: Role("all_user_names"),
  body: Query(
    Lambda([], Select("data", Paginate(Match(Index("all_UserNames")))))
  )
}Schema definition is:type Query {  allUserNames: [String!]! @resolver(name: "all_user_names")

I use a token obtained from logging in which means that any function not added to role logged-in will not get permissions. However, function all_user_names has been added to the role. The relevant FQL:

{
  ref: Role("logged-in"),
  ts: 1603942095110000,
  name: "logged-in",
  privileges: [
    {
      resource: Ref(Ref("functions"), "all_user_names"),
      actions: {
        call: true
      }
    }
  ],
  membership: [
    {
      resource: Collection("User")
    }
  ]
}
{ ref: Role("all_user_names"),ts: 1603943422115000,  name: "all_user_names",privileges: [   {      resource: Collection("User"),
      actions: {
        read: true,
        write: false,
        create: false,
        delete: false,
        history_read: false,
        history_write: false,
        unrestricted_read: false
      }
    },
    {
      resource: Index("unique_User_username"),
      actions: {
        unrestricted_read: false,
        read: true
      }
    }
  ],
  membership: []
}

  1. Why am I getting ‘permission denied’ error in PG?
  2. What configuration changes do I need to make to get past this?

thanks …

1 Like

Thanks for adding the solution. Sorry that we didn’t jump in before you found it yourself :slight_smile:
Adding this reply so it no longer shows up in unsolved questions :upside_down_face:

No worries. Would really appreciate some help with this issue as I’ve been attempting it for some time and cannot proceed with the rest of my development without resolving it.
If possible, thanks in advance …