fix: STRF-11923 - Handle Missing a New Channels Permission Requirement in Auth Token #1191
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jairo-bc
reviewed
Apr 10, 2024
lib/theme-api-client.js
Outdated
| .catch((error) => { | ||
| if (error.response.data.status === 403) { | ||
| console.log( | ||
| 'WARNING: Version 4.7.2+ of stencil-cli added a request to the Channels resource which requires a permission missing on your current stencil cli auth token. Please generate a new auth token at your convenience which includes the "read-only channels" permission to clear up this warning. You can read more about correcting this issue here: https://github.com/bigcommerce/stencil-cli/issues/1185', |
There was a problem hiding this comment.
Great idea for the warning!
jairo-bc
reviewed
Apr 10, 2024
lib/theme-api-client.js
Outdated
| .catch((error) => { | ||
| if (error.response.data.status === 403) { | ||
| console.log( | ||
| 'WARNING: Version 4.7.2+ of stencil-cli added a request to the Channels resource which requires a permission missing on your current stencil cli auth token. Please generate a new auth token at your convenience which includes the "read-only channels" permission to clear up this warning. You can read more about correcting this issue here: https://github.com/bigcommerce/stencil-cli/issues/1185', |
There was a problem hiding this comment.
Suggested change
| 'WARNING: Version 4.7.2+ of stencil-cli added a request to the Channels resource which requires a permission missing on your current stencil cli auth token. Please generate a new auth token at your convenience which includes the "read-only channels" permission to clear up this warning. You can read more about correcting this issue here: https://github.com/bigcommerce/stencil-cli/issues/1185', | |
| 'WARNING: Version 7.4.2+ of stencil-cli added a request to the Channels resource which requires a permission missing on your current stencil cli auth token. Please generate a new auth token at your convenience which includes the "read-only channels" permission to clear up this warning. You can read more about correcting this issue here: https://github.com/bigcommerce/stencil-cli/issues/1185', |
jairo-bc
reviewed
Apr 10, 2024
lib/theme-api-client.js
Outdated
| accessToken, | ||
| }) | ||
| .catch((error) => { | ||
| if (error.response.data.status === 403) { |
There was a problem hiding this comment.
I think it's
Suggested change
| if (error.response.data.status === 403) { | |
| if (error.response.status === 403) { |
There was a problem hiding this comment.
and lets wrap it into try {} catch rather than use promise chain
There was a problem hiding this comment.
Ahh, its both actually:
response: {
status: 403,
statusText: 'Forbidden',
...
data: {
status: 403,
title: "You don't have a required scope to access the endpoint",
type: 'https://developer.bigcommerce.com/api-docs/getting-started/api-status-codes',
errors: {}
}
}
There was a problem hiding this comment.
I will go ahead and make the suggested update for simplicity sake.
…Channels() method.
jairo-bc
approved these changes
Apr 10, 2024
|
🎉 This PR is included in version 7.5.1 🎉 The release is available on: Your semantic-release bot 📦🚀 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What?
This PR handles the possibility of missing the
Channelsauth permission when making a GET for a list of channels ingetStoreChannels().When this update was made I overlooked that the standard Stencil CLI auth token that we recommend providing to 3rd parties does not include the "read channel settings" permission by default. So people utilizing the Stencil CLI token, or any v3 token that does not include "read/manage channel settings" permission, can end up with this error when making
start,push,pull, ordownloadcommands:We will be updating that permission on the Stencil CLI token but people with errors will still have to generate a new token to get this permission. As such, this PR will avoid failures if the
Channelspermission is missing. Instead we will ignore the error and return an unfiltered list of urls the same way we did prior to the change in version 4.7.2.Refactor
Also incorporates some smart improvements to the fetching of channels that I found in this PR:
#1187
Tickets / Documentation
Previous related pr.
Screenshots (if appropriate)
With this changes in this PR we will now give a "warning" message if the "channels" permission is missing and still proceed with an unfiltered response as we did before:
However, if you do have an updated token that includes the correct permission then we will filter the list of channels returned using this new information:
cc @bigcommerce/storefront-team