egnyte / egnyte-js-sdk

Javascript SDK to work with Egnyte Public APIs
15 stars 16 forks source link

How to handle insufficient rights while creating a link? #3

Closed slunecniborecek closed 7 years ago

slunecniborecek commented 8 years ago

We have an application which integrates egnyte using this sdk. Egnyte user of type 'Standard User' who logs into egnyte through our app and tries to create a link of any shared file is getting 403 Forbidden error in REST response. As I understand 'Standart User' can't create nor manage links. Is there a way to avoid this using SDK? Just not allow the user to select any file or handle the response?

API.auth.getUserInfo() only returns some basics about the user, not the type.

Don't know whether this is a good place to report, but when asking for permissions to connect to our app, scope is set to: 'Egnyte.filesystem Egnyte.link' -> IMO Standard User should not be allowed to do that at all, as he can't create nor manage links. When fixing this, it could also solve my issue... Can you please confirm you are in touch with egnyte devs and pass this to them?

Thanks!

slunecniborecek commented 8 years ago

Never mind, I've found the fail() handler (while I was looking for .catch()), so I can handle the situation.

naugtur commented 8 years ago

Yes, unfortunately, we had to support old IEs, where 'catch' is a reserved word and cannot be used. I'm looking forward to being able to solve that one in version 3.

Back to your issue, Standard User is a kind of role that is meant for people outside of the company owning the Egnyte domain (clients that want to see project files but shouldn't modify anything etc.) so they cannot do a lot.

Please write me an e-mail with short summary of your use-case to ztenerowicz@egnyte.com and I'll help you choose the right API features to implement it.

There's a way to check user type and I may be able to suggest other options than Links API.