Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Translations Interface Role with restricted language edit invalid values: language_id #14414

Closed
w0kyj opened this issue Jul 13, 2022 · 4 comments
Closed

Translations Interface Role with restricted language edit invalid values: language_id #14414

w0kyj opened this issue Jul 13, 2022 · 4 comments
Assignees
@azrikahar
Labels
🍰 Feature

Comments

@w0kyj
Copy link
Member

w0kyj commented Jul 13, 2022
edited by licitdev

Describe the Bug

Created a user role with the language restricted permissions, using the Directus Cloud Demo project. The goal is to restrict the user to only being able to edit pt-BR translations fields.

As long as the translations junction table entries exist, the role permissions seem to work as expected, but when the pt-BR junction entries don't exist for an existing article, then the user gets one of two errors depending on Articles Update permission:

{
  "message": "You don't have permission to access this.",
  "extensions": {
    "code": "FORBIDDEN"
  }
}

OR

The following fields have invalid values:
- languages_id: validationError.undefined
^^ Another user reported getting: languagesCode: value has to be pt

To Reproduce

Directus Cloud Demo project collection permissions for Language Restricted Role:

  • articles

    • Create - None

    • Read - All

    • Update - All (only way to get the actual junction table error)

    • Update - Ideally fields are restricted to Id and Translations with the following filter rule, but get Error: You don't have permission to access this

        {
    "_and": [
      {
        "translations": {
          "languages_id": {
            "code": {
              "_eq": "pt-BR"
            }
          }
        }
      }
    ]
  }

  • articles_translations

    • Create: All Fields and filter

        {
    "_and": [
      {
        "languages_id": {
          "code": {
            "_eq": "pt-BR"
          }
        }
      }
    ]
  }

    • Read: All Fields and filter

        {
    "_and": [
      {
        "_or": [
          {
            "languages_id": {
              "code": {
                "_eq": "en-US"
              }
            }
          },
          {
            "languages_id": {
              "code": {
                "_eq": "pt-BR"
              }
            }
          }
        ]
      }
    ]
  }

    • Update: All Fields and filter

        {
    "_and": [
      {
        "_or": [
          {
            "languages_id": {
              "code": {
                "_eq": "pt-BR"
              }
            }
          },
          {
            "languages_id": {
              "code": {
                "_eq": "en-US"
              }
            }
          }
        ]
      }
    ]
  }

  • languages

    • Create: None

    • Read: All Fields and filter

        {
    "_and": [
      {
        "_or": [
          {
            "code": {
              "_eq": "en-US"
            }
          },
          {
            "code": {
              "_eq": "pt-BR"
            }
          }
        ]
      }
    ]
  }

    • Update: None

User with Language Restricted Role:

  • Edit Article that has existing pt-BR translations, works as expected
  • Edit article with empty pt-BR translations fields
  • Attempt to save
  • Get one of the described errors depending on the collection Articles Update permissions
  • NOTE: If admin or other authorized user edits the pt-BR and junction created entry then this user can edit as noted in first bullet.

Errors Shown

{
  "message": "You don't have permission to access this.",
  "extensions": {
    "code": "FORBIDDEN"
  }
}

OR

The following fields have invalid values:
- languages_id: validationError.undefined

OR

The following fields have invalid values:
- languagesCode: value has to be pt

What version of Directus are you using?

9.13.0 & 9.14.1

What version of Node.js are you using?

Directus Cloud

What database are you using?

Directus Cloud

What browser are you using?

Chrome

How are you deploying Directus?

Directus Cloud
@licitdev licitdev added the API label Jul 14, 2022
@rijkvanzanten
Copy link
Member

I believe this is the same confusion around validation only checking against the payload, not against the full final object. In this case, the app most likely only submits {id: 1, text: 'some Portuguese text'} to the API, which in turn causes the validation to fail, as language_id isn't set even though it already exists as such in the DB

This was referenced Aug 17, 2022
Closed
Closed
@micheljacquot34
Copy link

micheljacquot34 commented Nov 3, 2022
edited

I'm having a similar issue.
Using latest version, 9.20.4

I've created a specific role, but I can't restrict the editing to a specific language.

@rijkvanzanten
Copy link
Member

Linear: ENG-230

@azrikahar azrikahar mentioned this issue May 25, 2023
Open
@rijkvanzanten
Copy link
Member

I believe this has since been resolved

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 1, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@azrikahar azrikahar

Labels
🍰 Feature
Projects
Software Roadmap
Archived in project
Milestone
No milestone
Development

No branches or pull requests
5 participants
@rijkvanzanten @licitdev @w0kyj @azrikahar @micheljacquot34