Accessing Order Collections

sachin-desai · February 14, 2022, 10:55am

While we are able to successfully get the data from the Products collection following the tutorial mentioned here : https://support.wix.com/en/article/velo-exposing-a-site-api-with-http-functions

We are getting the below mentioned error while trying to access data from the Orders collection
{
“error” : {
“name” : “Error” ,
“errorGroup” : “User” ,
“code” : “WD_PERMISSION_DENIED”
}
}
Is there security related configuration that we need to take care to access data from Orders collection?

amandam · February 15, 2022, 1:51pm

Hello. Are you using this ID for the orders collection: “Stores/Orders”

You can query the orders collection but there is a data limit which can cause errors as well. You can read more about working with that collection in this article.

The read permissions are admin so you should be able to use the suppressAuth in options in a backend file if you need to manipulate the query but you cannot change the default permissions of this collection.

sachin-desai · February 15, 2022, 2:00pm

Thanks. We will try the suggested options

sachin-desai · February 16, 2022, 9:25am

Followed above link and implemented code in the section “Velo by Wix: Authorization suppression”. It now gives different error

{
“error”: {
“name”: “Error”,
“errorGroup”: “User”,
“code”: “WD_VALIDATION_ERROR”
}
}

amandam · February 16, 2022, 2:17pm

Can you please show any code related to what you are doing so perhaps it will be easier to tell?

sachin-desai · February 17, 2022, 1:46pm

export function get_orders(request) {
// URL looks like: https://www.mysite.com/_functions/myFunction/John/Doe

let options = {
“headers”: {
“Content-Type”: “application/json”
}
};

let queryOptions = {
“suppressAuth”: true
};

//authorise
const KEY = ‘XXXXXX’;
const apiKey = request.query[“apiKey”];
if (apiKey !== KEY) {
return forbidden;
}
const lastOrder = parseInt(request.query[“lastOrder”]);
// query a collection to find matching items
return wixData.query(“Stores/Orders”)
.ge(‘Number’,lastOrder)
.find(queryOptions)
.then( (results) => {
// matching items were found
if(results.items.length > 0) {
options.body = {
“items”: results.items
};
return ok(options);
}
// no matching items found
options.body = {
“error”: No new order(s) after order no:${lastOrder} was not found
};
return notFound(options);
} )
// something went wrong
.catch( (error) => {
options.body = {
“error”: error
};
return serverError(options);
} );
}

sachin-desai · February 17, 2022, 4:33pm

While I have shared the code above here is our use case :
We want to access Orders (Stores/Orders) periodically from a back-end server application with no UI. We want to do additional processing for our internal downstream application. Our current approach is to expose Stores/Orders collection using http-functions, which can be consumed by our back-end server to pull the Orders data. Please suggest if this is the right approach or is there any alternative approach.

Topic		Replies	Views
Store Orders - Read not permitted Ask the community code , wix-stores , question	14	493	August 8, 2020
Download Orders through Rest Api Ask the community code , question	8	582	November 26, 2019
error on Stores/Orders read permissions Ask the community code , wix-stores , question	3	303	December 26, 2019
Wix store "orders" collection query doesn't work! Ask the community code , wix-stores , question	14	385	September 18, 2023
Orders DataCollection can only be read in preview site and not in published site Ask the community code , wix-stores , question	1	129	October 3, 2019

Accessing Order Collections

Related topics