hello guys! im having one strange issue with the authenticated users:
Issue:
Forbidden access with authenticated users
Description:
- set permission for the authenticated only users to create SavedEvent type items
- use mutation to create a SavedEvent gives me Forbidden access
- Authentication header is passed
- “Forbidden access” shows when try to use the mutation
- “findOne” is active on permission for authenticated users
Mutation
mutation {
createSavedEvent(data: { user: 7, event: 5 }) {
data {
attributes {
event {
data {
attributes {
title
description
}
}
}
}
}
}
}
Result
{
"errors": [
{
"message": "Forbidden access",
"extensions": {
"error": {
"name": "ForbiddenError",
"message": "Forbidden access",
"details": {}
},
"code": "FORBIDDEN"
}
}
],
"data": {
"createSavedEvent": null
}
}
any suggestion? there is something I’m missing?