Encountered status 403 Forbidden while testing
Describe the question
I was trying to learn how to test the endpoint using graphql. I tried to send the request and got received with status 403. Even though I tried to get the jwt token. I realized that I did not set the permission for the public role and caused the issue. Does anyone know how to update the permission for the specific role without going through UI?
Steps to reproduce the behavior
Requirement: strapi-plugin-graphql
- Follow the guideline to setup strapi instance
- Create a model
- Try to query using supertest. Ex:
const request = require('supertest');
describe('Restaurant', () => {
let jwt = null;
let userData = {...};
let mockData = {..};
let resp = {...};
beforeAll(async () => {
jwt = await request(strapi.server) // app server is an instance of Class: http.Server
.post('/graphql')
.send(userData)
.expect(200) // Expect response http code 200
.then(res => res.body.data.register.jwt);
});
it('succeeded if create a resp', async () => {
await request(strapi.server) // app server is an instance of Class: http.Server
.post('/graphql')
.set('Authorization', `Bearer ${jwt}`)
.send(mockData)
.expect(200) // Expect response http code 200
.then(data => {
expect(data.text).toBe(JSON.stringify(resp)); // expect the response text
});
});
});
- See error
+ {"errors":[{"message":"Forbidden","locations":[{"line":2,"column":7}],"path":["createFood"],"extensions":{"code":"INTERNAL_SERVER_ERROR","exception":{"data":null,"isBoom":true,"isServer":false,"output":{"statusCode":403,"payload":{"statusCode":403,"error":"Forbidden","message":"Forbidden"},"headers":{}},"message":"Forbidden"}}}],"data":{"createFood":null}}
Expected behavior
{"data":{...}}}}
System
- Node.js version: v14.17.4
- NPM version: 6.14.14
- Strapi version: 3.6.6
- Database: sqlite
- Operating system: Ubuntu 20.04 (WSL)