User permissions deleted from database when removed for any Strapi role

[aagamLF]

Hi,

I am facing an issue with the plugin permissions being deleted from the permission table of Strapi. Steps to reproduce:

1. For any Strapi role, have all the mux plugin permissions enabled. See image below.

2. Remove all the mux-asset permission for that role (create, find, findOne, update, submitDirectUpload)

3. Navigate away to any screen and come back to re-enable the permissions. We notice that the mux-video-uploader permissions section is missing all together.

4. When checked in the database in the permissions table, the plugin permissions are missing altogether (plugin::mux-video-uploader.mux-asset.create, plugin::mux-video-uploader.mux-asset.find, plugin::mux-video-uploader.mux-asset.findOne, plugin::mux-video-uploader.mux-asset.update, lugin::mux-video-uploader.mux.submitDirectUpload). See image below.

5. This issue prevents me to add/update the relevant permissions to any other roles I have on Strapi since the record is deleted from the database and causes me have to go in manually to add these permissions to the database table.

Strapi: v4.3.4 strapi-plugin-mux-video-uploader: v2.3.0 DB: Postgres SQL v13.7

Thanks

[erikpena]

In the latest version of the plugin (2.4.0), we updated the permission system so that there is no longer a need to manually create entries in the database to workaround the issue.

It should be noted that we only intend on read type operations (e.g. find, findOne and count) to be available via the User permissions. Any write operations should be proxied through an implemented middleware using admin permissions.

[lh15]

@erikpena Can you please explain how submitDirectUpload can be called via a proxy through admin permissions?