I want to create a dynamic reviews repeater showing latest member data on the repeater. Because of that I’m not collection user info when they insert review I’m using _owner and trying to get member data with getMember in the backend using _owner.
But when I try this with a logged in account or a visitor user. I’m seeing an error with a permission error and I don’t know how can I bypass it? Or how can I fix this issue to create dynamic reviews repeater.
I also tried to login with a admin account and there was no problem. I can get the member data for each review. Shortly:
This is my backend getMember function:
export function getMember(memberId) {
return wixMembersBackend.members.getMember(memberId, { fieldsets: ['FULL'] })
.then((memberData) => {
return memberData;
})
.catch((err) => {
console.error(err)
})
}
This is my backend code to create dynamic repeater data:
export function getProductReview(productId, skip) {
return wixData.query("ProductReviews")
.limit(10)
.skip(skip)
.eq("productId", productId)
.find()
.then((productReviewsData) => {
let productReviews = productReviewsData.items;
if (productReviews.length > 0) {
productReviews = productReviews.map(async (review) => {
let memberData = await getMember("c9e73b46-85a9-48ba-8a66-5595b82f5893")
.then((memberData) => {
let profilePhoto = memberData.profile.profilePhoto;
let memberName = `${memberData.contactDetails.firstName} ${memberData.contactDetails.lastName}`
if (profilePhoto) {
return {
"profilePhoto": profilePhoto.url,
"memberName": memberName
}
} else {
return {
"profilePhoto": undefined,
"memberName": memberName
}
}
})
return {
"_id": review._id,
"reviewTitle": review.reviewTitle,
"review": review.review,
"rating": review.rating,
"memberName": memberData.memberName,
"memberProfilePhoto": memberData.profilePhoto
}
})
const result = Promise.all(productReviews);
return result;
}
})
.catch((err) => {
console.error(err);
})
}
When I use admin account I’m getting every single data without any problem. But when I try with an non-admin account I can’t get first and last name of user but I can get profile photo.
How can I fix this permission issue?