Enonic version: 6.4.1
I’m creating an app for getting feedback from your users. This app gets some feedback,
POSTs it to a service, and this service uses the content lib to create the content.
When I try to create a piece of content, I get this error:
"Access denied to [/test-site/feedback] for [CREATE] by user [unknown] (com.enonic.xp.resource.ResourceProblemException)"
Since I’m an installed app, I would assume I had some kind of rights or role attached to my request. Guess not. But where do I go from here? Do I use the auth lib to log in? What do I log in as? I don’t want the user to create a user for this app - I want it to work automatically!
Another related question - for now I’m continuing development by setting the permissions of the folder manually so that I can create content. I create content successfully - but it doesn’t show up in the content studio. What am I doing wrong?
The docs doesn’t specify what branch the created content is put on - does it default to
draft, the same as its parent or a special branch? Edit: looks like it’s created on
master - figured it out by playing around with
content.publish() - but it still doesn’t show up in the content studio.
Anonymous users don’t have “create” permissions in your repository. So the solution to the first question is to use the context lib to create the content as the SU or another user that has “create” privileges in the folder where you are saving the users’ content.
When you are in “preview” on draft branch then all content will be created in draft. But visitors on the production site will be in the “master” context and their content will be created in “master” by default, so you can’t see it in the Content Studio. The solution to the second question is that you should always create the content in the “draft” branch and then immediately publish it into the “master” branch.
Thanks for the quick response @mla
Can I expect every user of my application to have the
context.run method worked well - thanks a ton!
You don’t want to give “everyone” create privileges, so you just run that one function, contentLib.create(), as the SU (or another user that has “create” permission).
no i mean - can I expect that the SU user is available on every enonic installation? or can you delete it?
Oh, I see. There will always be a system:su in version 6.x. We won’t have any breaking changes until 7.0.
Great Thanks for your help!
You could also set permissions for the destination folder of the submission to “everyone can create” and simply drop the content into the draft branch?
Yep, that was what I did first. But I’d rather not tell the users of my application to screw around with permissions if I don’t have to.
an alternative is creating The folder With permissions programatically on first submit.