Updating user relations with REST API not working

Questions and Answers
1
System Information
  • Strapi Version: 4.19.0
  • Database: SQLite
  • Node Version: 20.11.0
  • NPM Version: 10.2.4
  • Yarn Version: 1.22.19

I’m implementing Shopping cart feature.

I’ve a oneToMany relation between User and Product (Another Content-type) with field name of cart in User and name of reservedBy in Product (Content-type).

Based of docs, i can connect (and disconnect) every product (individually) to every user using send PUT request to products API:

connect
connect1024×768 67.9 KB

When i want to empty cart field from all products with sending PUT request to users API, The response is 200 OK:

set
set1024×768 51.6 KB

But it doesn’t work. when i check cart filed in user data, products in cart still are over there:

cart
cart970×741 57.4 KB

I Also use “disconnect” command with id of products in cart. but doesn’t work too.

Where did i go wrong?
Should i create or edit controller files?

Beforehand thanks for any help.

2

@EbrahimHeydari thanks for sharing. I just updated to 4.19.1 and it works.

Make sure that you have permissions set correctly. You need to enable user find. See the video below.

video example

3

Note that i want to empty cart field from all of products by sending one PUT request to /api/users/{user_id} endpoint.

But your “video example” is about add and remove product one by one (individually) to cart (which works fine). As i mentioned above, i can add and remove product (individually) to cart by sending to /api/products/{product_id} endpoint.

In another word, i want to update relations of User Content-Type (users-permissions) by sending PUT request to /api/users/{user_id} endpoint. Please take a look again to endpoints of images in my above question (from second image).

My strapi CMS permissions:

permossions
permossions804×1404 57 KB

P.S: I also update my strapi CMS to v4.19.1 but didn’t worked.

4

@Paul_Brats So if I want to update user’s relationship I have to change the permissions so every user can read other users details, I hope you realize how bad you’re “workaround” is?

5

So, what’s your solution (suggestion) for empty the cart field (Array data type) in one PUT request?

6

I would override the controllers respective method or add new custom route and method to manage that. The way you’re changing the user’s permission, you’re allowing any user that has authenticated, read, write or even delete other users.