-
Notifications
You must be signed in to change notification settings - Fork 13
Missing privileges since shopware 6.5.4.0 #88
Comments
Hey @bilobait-lohrmann , I will have a look at your issue and will give your more information after testing it out |
FYI: I can reproduce the error and will fix this issue. I report the status here. You can also see the current progress in the Issuetracker: https://issues.shopware.com/issues/NEXT-29862 |
Issue is resolved: https://issues.shopware.com/issues/NEXT-29862 |
I just tested the newest release of shopware which should contain the fix with my apps. Unfortunately the error is still present. If you want i can send you the login credentials to the test system via slack |
Ok, i figured out, that i now have to add the privileges for create update and delete for my custom entites. This was not necessary yet. I updated my plugins, now everything seems to work again. |
I did some further tests. For the following code i still get a permission error
gives Uncaught (in promise) Error: Your app is missing the privileges read:sales_channel_domain, read:customer, read:newsletter_recipient, read:order, read:category_translation, read:country_state_translation, read:country_translation, read:currency_translation, read:customer_group_translation, read:locale_translation, read:media_translation, read:payment_method_translation, read:product_manufacturer_translation, read:product_translation, read:shipping_method_translation, read:unit_translation, read:property_group_translation, read:property_group_option_translation, read:sales_channel_translation, read:sales_channel_type_translation, read:salutation_translation, read:plugin_translation, read:product_stream_translation, read:state_machine_translation, read:state_machine_state_translation, read:cms_page_translation, read:cms_slot_translation, read:mail_template_translation, read:mail_header_footer_translation, read:document_type_translation, read:number_range_type_translation, read:delivery_time_translation, read:product_search_keyword, read:product_keyword_dictionary, read:mail_template_type_translation, read:promotion_translation, read:number_range_translation, read:product_review, read:seo_url, read:tax_rule_type_translation, read:product_cross_selling_translation, read:import_export_profile_translation, read:product_sorting_translation, read:product_feature_set_translation, read:app_translation, read:app_action_button_translation, read:landing_page_translation, read:app_cms_block_translation, read:app_script_condition_translation, read:app_flow_action_translation, read:tax_provider_translation, read:theme_translation for action "repositorySearch". and
gives Uncaught (in promise) Error: Your app is missing the privileges read:category_translation, read:tag, read:main_category, read:seo_url for action "repositorySearch". |
@jleifeld |
Sorry for taking so long I will take a look ASAP |
I know this might be unpleasant for you, but the requested permissions by the SDK are valid. Same goes for the CategoryDefinition. Please let me know if there are any cases where you search for an entity and a permission is requested that is not related to the read entity 😊 |
The problem is if I request the category repository that a lot of other plugins also can add a association to this. We therefore can't know all the associations and have to update all the time our app if a new plugin is installed on customer side. Is there a way we can say we don't want to load the associations? |
Ah I see. So what you are saying is that this problem also exists for reverse associations? |
Yes for example I have currently the following error if I load the product entity
|
Okay thats a real problem 😞 We only validate for read permissions if an |
i am not shure what you mean by "if an EntityCollection is requested in the Criteria" |
Currently you request like this: This will not give you errors for associations then. However if you request like this:
Will result in an error again as an association is requested that the app is missing read privileges for. |
yes. exactly for that i was looking |
I've created an issue and will start the work ASAP! Please take a look at the progress here: |
thank you |
This issue also appear from getting the element configs by the code below
Error message:
|
For Data sets we can't resolve this issue. We need to ensure that an app only gets the data from the shop it has rights for. https://shopware.github.io/admin-extension-sdk/docs/guide/api-reference/data/get |
Hi @seggewiss, thank you for your answer. It works for me. |
The issue is resolved and is already live in our cloud environment. For selfhosted it will be contained in the next patch release. You need to update your app to SDK version |
Hello @seggewiss i had today the chance to test in the current cloud env from shopware with the current sdk active. Unfortunately I still get the error: if i call
|
i did some further testing. on the client cloud i get the following error for the following call
The function where this error is thrown is In a clean cloud installation i don't get this error |
We have automated tests in place that assure the bug fix works. We will need more information to reproduce this issue
|
if it is easier we can meet on slack and i can show it to you directly |
Maybe a dumb question but are you passing in a criteria? Cause we are still unable to reproduce this |
Just for my understanding: Do you have plugins installed in your local instance or do you mean a cloud instance with installed apps? |
I just made a cloud instance with the newest version. Now everything works fine. Thanks for the help. If something new comes up i will open a new issue |
I have the same issue now. I want to receive the media from a product using the
The following error is thrown:
|
I will check this again today 👍 |
I could reproduce the error. We will have a look at it! |
We have problem related to privileges, which came up with the latest update. We are using the latest Admin SDK version:
We had the following code:
we could fix it updating our statement
the problem is for the following code I don’t have a solution
for the search I get a similar error, but also updates are affeccted
the priviliges of the app are the following
https://shopwarecommunity.slack.com/archives/C025YFFMP6W/p1691649876593379
The text was updated successfully, but these errors were encountered: