Replies: 2 comments 5 replies
-
|
The response on create is based on the read permissions. Does this user have the read permissions for the id field? |
Beta Was this translation helpful? Give feedback.
-
|
No that's part of the problem. It is on purpose because the point here is only to upload something then get the file ID to create another item on another collection. The file is only read by an admin. |
Beta Was this translation helpful? Give feedback.
-
|
Very late reply here. You can provide read only access to the ID field only. Open the permissions, then select "Use custom" under your desired collection. There you will be able to select which fields your users can read. |
Beta Was this translation helpful? Give feedback.
-
|
That won't prevent someone from just doing a |
Beta Was this translation helpful? Give feedback.
-
|
If I remember well, I ended up with a new custom endpoint which creates the record as an admin and then returns the ID |
Beta Was this translation helpful? Give feedback.
-
|
linking for discoverability: #11464 would (IMO) solve this |
Beta Was this translation helpful? Give feedback.
-
|
@SeanDylanGoff Fully agree |
Beta Was this translation helpful? Give feedback.
-
Hi everyone!
I am actually facing a permission issue in my current project. It is allowed to create a file but read access is restricted given on a custom
directus_filesfield (is_public).Upload works as expected (
POST /files) but the API response is empty if the file cannot be read. The problem is that it is impossible to get the ID of the uploaded file. I presume it happens with any collection so maybe someone has a solution for this problem?I tried to change the response in a
files.createhook (I wanted to manually add the new file ID) but it is not possible to access the response in a hook.The only suggestion would be to upload files from a custom endpoint? :/
Thanks in advance for your help!
Beta Was this translation helpful? Give feedback.
All reactions