Change role with IAP

Hi everyone, I have some questions concerning Strapi

I am developing a freemium application with react native. I have created 2 role (one free and one premium)

I would like to know how can I update my user role when the paiement has been done.
How can I update my user role without going through the backend

thank a lot :wink:

You will need to have some kind of service account with permissions to update the user (there is a permissions setting within the users-permissions plugin to allow this).

Effectively you need to send a PUT request to localhost:1337/users/:userID with the content of the body being something like:

  "role": thePremiumRoleID

Alternatively within the Strapi backend you would do this via strapi.query('user', 'users-permissions').update({ id: userID }, { role: roleID }) So you could build a custom route/controller to do this as well.

Yes !! it’s work perfectly :grin:, I finally understand how all the request work

Do you have Strapi query to change what a Role can do? I would like to Editor role to be allowed to edit content. Right now it doesn’t have any role, maybe those can be changed with Strapi Query?

Are you talking about the Admin Panel roles?

Yes, I’m talking about the Admin Panel roles, with the community edition there is 3 roles, Super Admin, Editor, Author.
The only role that is working is the Super Admin, the other roles cannot create or edit any content.
So can I use Strapi Query to update the rights of the Editor so he is allowed to edit?

I would have to double check the queries for the RBAC queries but the functionality will be the same as the GUI editor

Yes I didn’t know how to do it in the GUI, and thanks to you @DMehaffy , now I know.
Just click the checkbox you need.

1 Like

Very helpful!

In my opinion, altering a user’s role via a REST API may not be the most secure approach. Instead, it is advisable to make such role changes within the Strapi backend controller for enhanced security.