This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Forbidden error while editing product

Posted on 01-16-2020 01:12 AM
amrutachandankh
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Hi All,

I have added a user to a custom role and created a product.The role has get,put,delete permission for that product.The user can delete the product,but he cant edit the product and add api resources like proxies.

Getting "Forbidden!You dont have permission to access the resource" error.

Can anyone please help.

0 5 137
Topic Labels
0 Likes
5 REPLIES 5

Posted on --/--/---- --:-- AM
jaupadhyay
New Member
Reply posted on --/--/---- --:-- AM

Hi Amruta

Here is the Apigee documentation page for permissions reference.

https://docs.apigee.com/api-platform/system-administration/permissions#resource-files

Did you create custom role using Edge UI or Management API call? Use Management API call to check the permissions on your custom roles. It should have permissions on following resource path.

/apiproducts

/apiproducts/*

/apiproducts/*/attributes

/apiproducts/*/attributes/*

If you are missing any permission please add those to your custom role. It will let you perform the rquired operation.

0 Likes

Posted on --/--/---- --:-- AM
amrutachandankh
Bronze 3
Bronze 3
In response to jaupadhyay
Reply posted on --/--/---- --:-- AM

Hi Jayesh,

below are the permissions

"path": "/apiproducts/<productname>", "permissions": [ "delete", "put", "get" ]

"path": "/apiproducts", "permissions": [ "put" ]

"path": "/apiproducts/*", "permissions": []

The user is able to view the product but cant edit it and add proxies into the product

0 Likes

Posted on --/--/---- --:-- AM
jaupadhyay
New Member
Reply posted on --/--/---- --:-- AM

Hi Amruta

You are using correct permissions.

I have created custom role using above permissions you mentioned and It did work for me.

One more thing to check is ,

When you login on edge UI using user with custom role permission , can you check products page. Under Action column there will be roles button. When you click on that button you should see all three permissions(View Edit Delete) available. If required permission is not available you can amend it from there.

Other thing to check is, does that product have any custom attribute set up already? If you try and save that product you will also require following path with put permission

/apiproducts/*/attributes/*

0 Likes

Posted on --/--/---- --:-- AM
amrutachandankh
Bronze 3
Bronze 3
In response to jaupadhyay
Reply posted on --/--/---- --:-- AM

Thank you Jayesh.

After giving,get and put permissions to deployments its working fine.

"path": "/deployments", "permissions": [ "put", "get" ]

0 Likes

Posted on --/--/---- --:-- AM
jaupadhyay
New Member
Reply posted on --/--/---- --:-- AM

@Amruta Chandankhede That's great news and very useful to know how you managed to resolve this issue.

0 Likes