V8-archive: Use createItem in custom endpoint

Hmm, @bjgajjar @rijkvanzanten — any thoughts? I assume this will transfer to the API? Or is it a Docs issue?

I would think that this should work, which would make it a bug?

Expect it to create a new item in the collection.
Instead, it gives what seems like a permission error message.

Reduced it down to a very basic collection for this discussion.

Here is the code for the post inside of public/extensions/custom/endpoints/example.php:

<?php                                                                                                  
use Directus\Application\Http\Request;                                                                 
use Directus\Application\Http\Response;                                                                
use Directus\Services\ItemsService;                                                                    

return [
    '' => [
        'method' => 'POST',
        'handler' => function (Request $request, Response $response) {                                 

            $itemsService = new ItemsService($this);
            $payload = array();                                                                    
            $programs = $itemsService->createItem('test', $payload);                                   

            return $response->withJson([
                $programs                                                                              
            ]);
        }       
    ],
]; 

Here is the post:

POST /_/custom/example HTTP/1.1
Host: myexamplesite.com
Content-Type: application/x-www-form-urlencoded
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciRANDOMTOKEN4cCI6MTU2MTU4MTU0MSwidHlwZSI6ImF1dGgiLCJrZXkiOiJhMzFjM2FlMy0zY2VmLTQ1YjUtOTMRANDOMTOKENLCJwcm9qZWN0IjoiXyJ9.BDthSySZOWQP2n_FuJ4u8FbEJ5znxSzb85mei6aOKSU
User-Agent: PostmanRuntime/7.11.0
Accept: */*
Cache-Control: no-cache
Postman-Token: 6c5ae5d2-cace-458d-8a77-c37a2fbb6b03,f66243d9-f199-4d38-83aa-97b7da42fc80
Host: myexamplesite.com
cookie: PHPSESSID=9v17ena9ema0vve5kepcu5vb34
accept-encoding: gzip, deflate
content-length: 
Connection: keep-alive
cache-control: no-cache

Response:

{
    "error": {
        "code": 301,
        "message": "Creating item to \"test\" collection was denied"
    }
}

Table:

'CREATE TABLE `test` (
  `id` int(15) unsigned NOT NULL AUTO_INCREMENT,
  `created_by` int(10) unsigned DEFAULT NULL,
  `created_on` datetime DEFAULT NULL,
  `modified_by` int(10) unsigned DEFAULT NULL,
  `modified_on` datetime DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1'

Permissions table:
The token in the post belongs to a user with role 5.

id,collection,role,status,create,read,update,delete,comment,explain,read_field_blacklist,write_field_blacklist,status_blacklist
111,test,2,published,full,full,full,full,full,none,NULL,NULL,NULL
112,test,2,draft,full,full,full,full,full,none,NULL,NULL,NULL
113,test,2,deleted,full,full,full,full,full,none,NULL,NULL,NULL
114,test,5,published,full,full,full,full,full,none,NULL,NULL,NULL
115,test,5,draft,full,full,full,full,full,none,NULL,NULL,NULL
116,test,5,deleted,full,full,full,full,full,none,NULL,NULL,NULL

@circletime

May I know the version of the Directus which you used? I am able to add the entry in the collection (Using your code) if the permission is given in the lastest version.

Version 7.1. We will try to upgrade,
but I'm wondering if we've just made a mistake somewhere in the custom setup.
Have you used exactly the same code which I sent? If not, can you please send your code.

Sorry about that. It seems to be working once I upgraded. Thanks for your help.