V8-archive: Users cannot patch collection_presets when update permissions set to "mine"
When collection_presets update permission is set to mine, which is by default. Regular user is unable to send PATCH request to update his record. This way it's impossible for them to customise their collection view unless the update permissions is manually set to all.
Here, you can see that the record with id 10 exists and is assigned to user with id 2, who is the currently logged in user.
System
- API: [2.0.10]
- Web Server: [Nginx 1.14.1]
- PHP Version: [eg: 7.0.32]
- Database: [eg: MySQL 5.7.24]
honzabilek4
All 4 comments
Thanks @honzabilek4 — we're on it!
benhaynes
on 4 Dec 2018
Also it should be noted that this also happens with any permission that needs to verify the owner of the item.
wellingguzman
on 30 Jan 2019
Another thing to add here is because at the moment we can't tell what field store the owner of collection_presets, we can't properly verify the permission using mine or role. The API tries to look for a field user_created type, and this should change for another field for owner, and one case of author this can be either a new type or a fixed logic.
wellingguzman
on 22 Feb 2019
For directus_collection_presets, we can use the user column for this purpose.
rijkvanzanten
on 18 Mar 2019
Related issues
Nitwel
·
3Comments
rijkvanzanten
·
3Comments
maettyhawk
·
3Comments
magikstm
·
3Comments
HashemKhalifa
·
3Comments
Most helpful comment
Thanks @honzabilek4 — we're on it!