Error 403:Access Denied when editing own post.

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • macross_gb
    Junior Member
    • Apr 2018
    • 18

    Error 403:Access Denied when editing own post.

    A user can add a NEW note to the stream and edit and delete it.

    But when they try and edit a note in the stream that they have created just a couple of weeks ago at the point of saving the changes, they get Error 403: Access Denied.

    This is from the log file.

    [2019-06-13 12:32:18] Espo.ERROR: Display Error: , Code: 403 URL: /api/v1/Note/5cefa5e6351f8f749 [] []

    Anyone got an idea why they can edit new records but not older ones?
    Last edited by macross_gb; 06-13-2019, 12:41 PM.
  • Maximus
    Senior Member
    • Nov 2018
    • 2731

    #2
    Hello.
    Have you changed any permissions?

    Comment

    • macross_gb
      Junior Member
      • Apr 2018
      • 18

      #3
      Originally posted by Maximus
      Hello.
      Have you changed any permissions?
      Permissions make no difference. I've set up a role with everything turned on and they still can't edit older notes that they added.





      {"Account":{"create":"yes","read":"all","edit":"al l","delete":"all","stream":"all"},"Activities":tru e,"Calendar":true,"Call":{"create":"yes","read":"a ll","edit":"all","delete":"all"},"Campaign":{"crea te":"yes","read":"all","edit":"all","delete":"all" },"Case":{"create":"yes","read":"all","edit":"all" ,"delete":"all","stream":"all"},"Contact":{"create ":"yes","read":"all","edit":"all","delete":"all"," stream":"all"},"DocumentFolder":{"create":"yes","r ead":"all","edit":"all","delete":"all"},"Document" :{"create":"yes","read":"all","edit":"all","delete ":"all"},"EmailTemplateCategory":{"create":"yes"," read":"all","edit":"all","delete":"all"},"EmailTem plate":{"create":"yes","read":"all","edit":"all"," delete":"all"},"Email":{"create":"yes","read":"all ","edit":"all","delete":"all"},"ExternalAccount":t rue,"GoogleCalendar":true,"GoogleContacts":true,"I mport":true,"Invoice":{"create":"yes","read":"all" ,"edit":"all","delete":"all"},"JelasticSubscriptio n":{"create":"yes","read":"all","edit":"all","dele te":"all"},"KnowledgeBaseArticle":{"create":"yes", "read":"all","edit":"all","delete":"all"},"Knowled geBaseCategory":{"create":"yes","read":"all","edit ":"all","delete":"all"},"Lead":{"create":"yes","re ad":"all","edit":"all","delete":"all","stream":"al l"},"LifetimeRevenue":{"create":"yes","read":"all" ,"edit":"all","delete":"all"},"MailChimp":true,"Me eting":{"create":"yes","read":"all","edit":"all"," delete":"all"},"MonthlyRevenue":{"create":"yes","r ead":"all","edit":"all","delete":"all"},"Opportuni ty":{"create":"yes","read":"all","edit":"all","del ete":"all","stream":"all"},"EmailAccountScope":tru e,"Plan":{"create":"yes","read":"all","edit":"all" ,"delete":"all"},"BpmnFlowchart":{"read":"all"},"B pmnUserTask":{"read":"all","edit":"all","delete":" all"},"BpmnProcess":{"create":"yes","read":"all"," edit":"all","delete":"all"},"ProductBrand":{"creat e":"yes","read":"all","edit":"all","delete":"all"} ,"ProductCategory":{"create":"yes","read":"all","e dit":"all","delete":"all"},"Product":{"create":"ye s","read":"all","edit":"all","delete":"all"},"Quot e":{"create":"yes","read":"all","edit":"all","dele te":"all"},"ReportCategory":{"create":"yes","read" :"all","edit":"all","delete":"all"},"Report":{"cre ate":"yes","read":"all","edit":"all","delete":"all "},"SalesOrder":{"create":"yes","read":"all","edit ":"all","delete":"all"},"ShippingProvider":{"creat e":"yes","read":"all","edit":"all","delete":"all"} ,"SpecialDeals":{"create":"yes","read":"all","edit ":"all","delete":"all"},"Sub":{"create":"yes","rea d":"all","edit":"all","delete":"all"},"TargetList" :{"create":"yes","read":"all","edit":"all","delete ":"all"},"Task":{"create":"yes","read":"all","edit ":"all","delete":"all","stream":"all"},"Tax":{"cre ate":"yes","read":"all","edit":"all","delete":"all "},"Team":{"read":"all"},"Template":{"create":"yes ","read":"all","edit":"all","delete":"all"},"User" :{"read":"all","edit":"own"}}

      Comment

      • yuri
        Member
        • Mar 2014
        • 8440

        #4
        There is an expiring period during which users can edit their own posts. Set in config 'noteEditThresholdPeriod' => '1 year'
        If you find EspoCRM good, we would greatly appreciate if you could give the project a star on GitHub. We believe our work truly deserves more recognition. Thanks.

        Comment

        Working...