Forum Discussion

kavencai's avatar
kavencai
Contributor
10 years ago

what permission is needed to access those apis?

hi, guys

 

I try to access below apis, but I always get error like "User xxx does not have the following permission(s) at xxx: [ allow_manage_users ]", do you know what special permission setting need to do to acceess the apis?

 

/users/id/[id] /logins/coun

/users/id/[id] /online/minutes/count

/users/id/[id] /views/boards/style/all/count

/users/id/[id] /views/boards/style/blog/count

/users/id/[id] /views/boards/style/forum/count

/users/id/[id] /views/boards/style/idea/count

/users/id/[id] /views/posts/style/all/count

/users/id/[id] /views/topics/style/blog/count

/users/id/[id] /views/topics/style/idea/count

 

 

Thanks!

  • luk's avatar
    luk
    10 years ago

    Hi kavencai,

    no worries, I'm very new to Lith too...learning every day...

    A page that helped me a lot is http://community.lithium.com/t5/Developers-Knowledge-Base/FreeMarker-context-objects-and-directives/ta-p/9217

    basically restadmin() is the same as rest() to make custom REST API calls from FreeMarker templates with the difference that it acts like if you were an Administrator, e.g. it will return hidden forum boards (for normal users) etc., so be very careful where and when to use it! I just had one call that would completely bring down the whole site with error 500 for anonymous/not logged in users if I didn't use restadmin(), all other calls (and there are many) work with the normal rest() context object but not

    /users/id/<user_id>/roles

    so when I saw all your calls with /users/id/... this jumped to my mind immediately =)

  • kavencaiCheck your permission at backend wether you have allowed the API access or not.

    Steps to check the Permission:

    1. Admin

    2. Users

    3. Select you user and see If he is granted the API permission  or not. If not allow the API permission:

    Toggle CloseREST API

    Make REST API calls with read access
     
    Make REST API calls with modify access

    and save.

     

    It should work If you will grant the API access.

    • kavencai's avatar
      kavencai
      Contributor
      bhupen,

      I have read permission to access API, everything works fine unless above APIs, so is Modify permission necessary to access those APIs?
      • bhupen's avatar
        bhupen
        Advisor

        kavencai  Check with read/ Modify  both once, once its working you can set up  as per your requirement.

  • Mmh, had that issue too and couldn't solve it, so I just used restadmin() instead of rest(), maybe that works for you too?
    • kavencai's avatar
      kavencai
      Contributor
      hi, luk

      sorry, I'm a new guy and still learning Lithium, could you please give me more explanation, what is restadmin() and rest() you mean here? is it an api or something permission setting in the background?
      • luk's avatar
        luk
        Boss

        Hi kavencai,

        no worries, I'm very new to Lith too...learning every day...

        A page that helped me a lot is http://community.lithium.com/t5/Developers-Knowledge-Base/FreeMarker-context-objects-and-directives/ta-p/9217

        basically restadmin() is the same as rest() to make custom REST API calls from FreeMarker templates with the difference that it acts like if you were an Administrator, e.g. it will return hidden forum boards (for normal users) etc., so be very careful where and when to use it! I just had one call that would completely bring down the whole site with error 500 for anonymous/not logged in users if I didn't use restadmin(), all other calls (and there are many) work with the normal rest() context object but not

        /users/id/<user_id>/roles

        so when I saw all your calls with /users/id/... this jumped to my mind immediately =)