Reputation: 1
AccessDenied error in GraphQl API, can't figure it out
GraphQl PLayground Error screenshot (same error I get in the client)
Hello everyone, I am having a very frustrating problem on a small project i'm working on. I cannot delete items from my cart on the client because I get an accessDenied error. This website has no authentification, and it is not supposed to. I want everyone who is on the site to be able to add and delete cart items at will. I am using GraphQl, Keystone, and mongoDB, I have tried everything I can in the keystone.js database to allow access, I have the access field on all lists and set everything to true. I can delete CartItems just fine in the graphQl Playground, but not on the client or in the admin playground. If anyone can offer some help or advice it would be greatly appreciated, thanks!
Here is my keystone DB:
const { Keystone } = require('@keystonejs/keystone');
const { GraphQLApp } = require('@keystonejs/app-graphql');
const { AdminUIApp } = require('@keystonejs/app-admin-ui');
const { MongooseAdapter: Adapter } = require('@keystonejs/adapter-mongoose');
const FoodItem = require('./lists/FoodItem');
const Category = require('./lists/Category');
const Salad = require('./lists/Salad');
const Order = require('./lists/Order');
const saladCartItem = require('./lists/saladCartItem');
const foodCartItem = require('./lists/foodCartItem');
const Cart = require('./lists/Cart');
const PROJECT_NAME = 'ghost-grits';
const adapterConfig = { mongoUri: process.env.DATABASE_URL };
const keystone = new Keystone({
adapter: new Adapter(adapterConfig),
cookieSecret: process.env.COOKIE_SECRET,
defaultAccess: {
list: true,
field: true
}
});
keystone.createList('FoodItem', FoodItem)
keystone.createList('Category', Category)
keystone.createList('Salad', Salad)
keystone.createList('Order', Order)
keystone.createList('saladCartItem', saladCartItem)
keystone.createList('foodCartItem', foodCartItem)
keystone.createList('Cart', Cart)
module.exports = {
keystone,
apps: [new GraphQLApp({ isAccessAllowed: true }), new AdminUIApp({ name: PROJECT_NAME, enableDefaultRoute: true, isAccessAllowed: true })],
};
And here is the access field, I have put an identical one of these on all my lists:
const FoodItem = list({
access: {
read: true,
update: true,
delete: true,
create: true
},
Upvotes: 0
Views: 1559
Answers (1)
Reputation: 1138
This is known issue in keystone. When you have no item with that Item id, it will give you access denied error even if there is no access control setup.
check if your client app is sending correct variable to graphql. you can use chrome devtools and look for api calls. make sure the query is right and variable has correct data. You can also check by querying the item using that id and if that returns any result.
Upvotes: 1
Related Questions
- I have this error Unauthorised admin to execute command mongoose + Graphql
- How to fix GraphQL error - Not Authorized
- Why is graphcms graphql giving me a 403 error?
- KeystoneJS login via GraphQL mutation
- GraphQL error when launching KeystoneJS application
- Keystone.JS API User Authentication (not Admin-UI)
- Perform an authenticated keystone.js / GraphQL API query
- Permissions in GraphQL
- GraphQL Authorization / Permission
- GraphQL with mongoose