I have created module with Rest API for that using following link
Extending-the-Magento-REST-API
When I run following URL /api/rest/magepim/products/count I get 403 error.
Deeper research of magento core code show that problem here
\app\code\core\Mage\Api2\Model\Server.php
string #216
if (!$globalAcl->isAllowed($apiUser, $request->getResourceType(), $request->getOperation()))
What's wrong in example? I guess reason is missing or incorrect acl in xml files but where?
Magento version is 1.8
Did you follow the below instructions?
In the admin, System->webservices->REST Roles-> Add administrator role.
Create a role as admin and select the "MagePim API calls" from the Role API resources list.
Then In the Role users tabs, select the admin user ( by selecting "Any" in the dropdown and user list will be shown. From that select admin user and save.
Then try and let me know if any issues.
Related
I am new to OrcardCMS. I have been working with it for some days with no issue, but yesterday I got one which I have not been able to solve since then.
I am creating a headless CMS with Graphql and Facebook login. I test my app with Postman and the integrated Graphql interface in the admin panel.
There are two users so far: the admin and me with my Facebook account. I set my FB user account to Author role, which means I can only query the content items which I own. I set up the OIDC server as well so I can authenticate with Postman and also can sign in to the admin panel.
When I set my FB account role to Administrator, I can query all the content items (not just the ones that I created - this is OK). I assume that if I set my role to Author, I should be able to query only my content items. The strange thing is that when I set my role to Author, I get an error: GraphQL.Validation.ValidationError: Authorization is required to access the field. player.
Is it a bug or I did something wrong?
I'm trying to make users follow a SharePoint Online site using the Microsoft Graph API. When I enter my user ID in the below scenario, the operation is successful. When I use another user's ID, the operation fails with a 403 error. The text says to check the permissions in the modify box but all permissions are granted. Is this just a limitation of the API that you can't make another user follow a site?
Error image
My test result is same with you, I think follow site should be a personal action, so setting follow site for others is prohibited.
GOAL: Create users in Azure Active Directory using our Global Admin account from an API.
PROBLEM: Every single way I try, I get "unauthorized".
WHAT I'VE TRIED:
I've been focusing mostly on this: https://graph.microsoft.com/v1.0/invitations
I've tried as outlined here
the "Authorization Bearer {token}" is problematic -- I can't seem to properly retrieve tokens, using any of the built URLs recommended (ie, combining ClientID & TenantID in the URL.)
I've tried the relevant portions of this, including creating the app, setting permissions on the app, trying both Web API and Native. I'm able to get a code back, but using it always comes back with Unauthorized.
As an aside, I am using Nintex to run this web service, as it is part of my workflow. Typically, web services don't give me issues. So, this sucks.
I'm missing something, here. Any thoughts or direction?
UPDATE: Removed the word "method" - bad choice of phrasing.
If you want to use Microsoft Graph explorer to create user as the global admin, you could use POST https://graph.microsoft.com/v1.0/users, and the required permission is:
Permissions
For the details, you could read Create user.
Global admin runs as a user by default. To grant access to Active Directory, you need to elevate permissions in the portal.
I'm not convinced you have the permissions to create the user, and that's why I think you're getting the error.
Also, try and avoid using Global Admin. Create a Service Principal and provide more granular permissions.
I'm having trouble to make this works:
API console
code error :
{
"code":22,
"response":"You do not have admin privileges on forum 'fabien-greard'"
}
I tried to change my app permission to :
Read, Write, Manage Forums (without any effect).
My app is using the same username than my forum (i'm the owner)
Any ideas ?
The easiest way to do that is by handling API request in Postman.
For it, we need the credentials from our site's Disqus api:
With this in mind, we go to postman and we use that credentials for sending request:
Two parameters more are required here: forum, the site where you want to create the categories, and the category's name as title.
Don't forget to use an admin user to have permissions for managing forums, the api will know you are admin by using also the access token.
when I trying to fetch all product list with rest api.
http://magento-11498-25844-78339.cloudwaysapps.com/api/rest/products
it shows 500 internal server error
As i can see Magento rest API is not configured. Below two steps are required.
Preparing for REST API
These steps are required for utilizing REST API resources:
1. Set up permissions for REST resource operations from Magento Admin Panel.
2. Configure the attributes for different users types in Magento Admin Panel. There are 3 different types of users in accessing the data: Admin, Customer, and Guest. Admin is the backend logged in user, Customer is the fronted logged in user, and Guest is a non-logged in fronted user.
Also you can follow below url for better assistance.
http://devdocs.magento.com/guides/m1x/api/rest/introduction.html
Please follow below Steps which is working fine for me.
1. Login to the admin panel
2. System >> Web services >> Rest Roles
3. Then click on guest then choose catalog all item then save the role
4. Then Click on System >> Web services >> Rest Attributes then Choose all then save.
Hope It will work fine. Thanks
Please look at the screens shots too.