I’ve cloned the CRM module in the Low-code and now messing around with it.
Steps to reproduce:
I’ve created a custom-made module
I can add a new record via the web-interface successfully
Created an API user with Super Administrator role
Created an Auth client (grant type = client_credentials)
Successfully authorized in the API
“scope”: “profile api”,
“sub”: “266670462006722563”,
“token_type”: “Bearer”
Getting an error, when trying to create a new recorn in my module
“message”: “not allowed to create records”,
“meta”: {
“resource”: “compose:record”,
“type”: “notAllowedToCreate”
},
Tried to change permissions everywhere to make them as permissive as possible, but without success
I’m probably missing something on the permission level, but documentation is quite fragmented so it’s hard to grasp the entire image.
When I change this request to GET instead of POST, I am receiving a proper response containing a list of records within the module. First I have tried with my super admin account (I was able to create a new row with UI, but was unable to do it via API) and also with a specially created user with a new role with all possible roles around the module in use
In my case, the issue was not around the permissions related to the role that I have defined, but with the fact, that (according to my findings) when defining a client, you need to define not only the user for impersonating but also forced and permitted roles. Only after I have created a new client with all those three elements defined I was able to use all permissions defined for the role (as I have mentioned in my other post, it is possible that there is some bug, as changing Permitted and Forced roles on the already created client doesn’t impact permissions).