EntityAuthorizeScopes problem

BIZ TMS XData
1

My last issue was Problem with EntityAuthorizeScopesattributes - BIZ / TMS XData - TMS Support Center (tmssoftware.com) and that was solved for users with an administrator scope.

I am now testing a lower level of user where scope = adminuser.

The EntityAuthorizeScopes set on the object are

 [EntityAuthorizeScopes(SCOPE_ANY_ADMIN, EntitySetPermissionsRead)]
 [EntityAuthorizeScopes(SCOPE_ADMIN, EntitySetPermissionsAll)]

  SCOPE_ADMIN = 'administrator';
  SCOPE_ADMIN_USER = 'adminuser';
  SCOPE_ANY_ADMIN = 'administrator,adminuser';

However, I get the following error:

ERROR
XData server request error. Uri: http://localhost:2015/tenovus/Region?$orderby=Ref asc&$top=10&$inlinecount=allpages 
Status code: 403 Forbidden | fMessage::XData server request error. Uri: http://localhost:2015/tenovus/Region?$orderby=Ref asc&$top=10&$inlinecount=allpages Status code: 403 Forbidden 
FJSError::Error: XData server request error. Uri: http://localhost:2015/tenovus/Region?$orderby=Ref asc&$top=10&$inlinecount=allpages Status code: 403 Forbidden fHelpContext::0 FErrorResult::[object Object]
at http://localhost:8000/GAShopApp/GAShopApp_1_0_379.js [70476:17]

What am I doing wrong here? ( I must admit the logic baffles me).

2

I have solved this. It seems there mustn't be overlap: so

 [EntityAuthorizeScopes(SCOPE_ANY_ADMIN, EntitySetPermissionsRead)]
 [EntityAuthorizeScopes(SCOPE_ADMIN, EntitySetPermissionsAll)]

causes an error but

 [EntityAuthorizeScopes(SCOPE_ANY_ADMIN, EntitySetPermissionsRead)]
 [EntityAuthorizeScopes(SCOPE_ADMIN, EntitySetPermissionsWrite)]

is fine.

2 Likes
3

This topic was automatically closed 60 minutes after the last reply. New replies are no longer allowed.