Question:
Why is my dynamic page asking for permissions when I have permissions set to everyone?
Product:
Wix Editor
What are you trying to achieve:
Allow everyone to access a dynamic page (list) and display additional info only for logged in site members.
What have you already tried:
Adding an authentication.loggedIn() flag before collapsing certain sections, setting permissions for the dynamic page to public, setting CMS collection to public for read functions, ensuring no other create, update, delete functions on page.
Additional information:
I’ve been receiving the following error the whole day:
LoadUserCodeError: Failed to import user code script: Failed to execute 'importScripts' on 'WorkerGlobalScope': The script at 'https://c464ee94-b50f-4ad7-bf2c-a577cad85c56.dev.wix-code.com/pages/j6mlt.js?viewMode=preview&instance=wixcode-dev.cd7b00d0cd935d51badca9dec6e2002ccc33e52e.eyJpbnN0YW5jZUlkIjoiYzQ2NGVlOTQtYjUwZi00YWQ3LWJmMmMtYTU3N2NhZDg1YzU2IiwiY29ycmVsYXRpb25JZCI6IjQ2NDU2YjYxLTY0ZTktNGQ5NS1iMzZhLTA5OWM5NWE0MWYxYSIsInNlc3Npb25VSWQiOiIwM2U2YzJkYi0wNzQ4LTQxOGYtODIyYS1kZjIyY2NkNjQ0MjgiLCJpc1RlbXBsYXRlIjpmYWxzZSwic2lnbkRhdGUiOjE3MDY2ODc2MTkzNzUsInNpdGVNZW1iZXJJZCI6IjAzZTZjMmRiLTA3NDgtNDE4Zi04MjJhLWRmMjJjY2Q2NDQyOCIsInVpZCI6IjA...MmU2LWJiMmUtNGEzMy04MjUxLWNiYjllNzk5NmI2OSIsImNhY2hlIjpudWxsLCJleHBpcmF0aW9uRGF0ZSI6IjIwMjQtMDEtMzFUMTE6NTM6MzkuMzc1WiIsInNpdGVPd25lcklkIjoiMDNlNmMyZGItMDc0OC00MThmLTgyMmEtZGYyMmNjZDY0NDI4IiwiaW5zdGFuY2VUeXBlIjoiZGV2IiwicGVybWlzc2lvblNjb3BlIjpudWxsfQ==&gridAppId=68fdeb9c-0d3e-4bbd-90a4-de73c2931c6a&analyze-imported-namespaces=true&init-platform-api-provider=true&get-app-def-id-from-package-name=false&disable-yarn-pnp-mode=false&bundler-traffic-to-aws=false&dependencies-token=3938&cache-buster=cachebuster2' failed to load.
And also this error when trying to access the dynamic page while logged out:
"root":{
"insertId":"9cfc4158-4084-4d7c-a2ba-7703de1fd260"
"timestamp":"2024-01-31T08:17:59.542Z"
"labels":{
"siteUrl":"UNKNOWN"
"revision":"none"
"namespace":"Velo"
"tenantId":"63c772e6-bb2e-4a33-8251-cbb9e7996b69"
"viewMode":"Site"
}
"operation":{
"id":"1706689079.292410878044807227"
"producer":"backend"
}
"jsonPayload":{
"message":"The current user does not have permissions to on the collection."
"jsonContent":{
"operation":"find"
"collection":"tracking"
"duration":166
"errorCode":"WDE0027"
"broadCode":"WD_PERMISSION_DENIED"
}
}
"severity":"ERROR"
"receiveTimestamp":"2024-01-31T08:17:59.542Z"
}
It does mention that my user cannot “on” the collection (??) and mentions the operation “find”, which I have no idea where it is from and how to enable permissions from it…
I might have identified the cause since then and have been using a very slightly inefficient workaround.
Possible Cause
I believe the cause was my dynamic dataset had a Reference field to Stores/Orders and I had use the CMS link feature to link the order number in Stores/Orders to one of the text fields on the page.
Workaround
Since entries to my dynamic collection were created alongside orders, instead of referencing the order number in Stores/Orders, I tried doing the redundant method of copying the order number into one of the fields of my collection. When my text field was changed to reference this field within my collection instead of within Stores/Orders, the problem no longer occurred.
As per request, this is the code I used, maybe there is something else in here that might have contributed to the problem? I did use a wixDataQuery.find() in my button’s onClick() listener but I doubt that caused the problem since the error shows up on page load regardless of login status.
$w.onReady(async function () {
const trackButton = $w("#trackingNumberNavigateButton")
const data = $w("#trackingDataset")
if (authentication.loggedIn()) {
$w("#memberTrackingList").expand()
await currentMember.getMember().then((member) => {
// List out current member's active tracking numbers.
data.setFilter(wixData.filter().eq("buyer", member._id).eq("active", true))
.then(() => {
if (data.getTotalCount() > 0) {
$w("#trackingSection").expand()
$w("#noTrackersSection").collapse()
} else {
$w("#noTrackersSection").expand()
$w("#trackingSection").collapse()
}
})
})
}
authentication.onLogin(() => {
// Refresh on login.
wixLocationFrontend.to(wixLocationFrontend.url)
})
authentication.onLogout(() => {
$w("#memberTrackingList").collapse()
})
trackButton.onClick(async () => {
const trackingNumber = $w("#trackingNumberInput").value
trackButton.disable()
trackButton.label = "Tracking..."
const inputErrorText = $w("#inputErrorText")
await wixData.query("tracking").eq("active", true).eq("title", trackingNumber).limit(1).find()
.then((result) => {
if (result.length > 0) {
trackButton.label = "Found"
} else {
inputErrorText.text = "Tracking number not found... Please check and try again!"
inputErrorText.show()
.then(() => {
setTimeout(() => {
inputErrorText.hide("fade")
}, 10000)
})
trackButton.label = "Track"
trackButton.enable()
}
})
.catch(() => {
return console.error("Error with database")
})
})
});
However the load user script error still shows up from time to time but I noticed that it’s happening exclusively on Wix Editor’s preview and have yet to notice it affecting anything on my Live site, so I’ve yet to try to look into it further on my end.
You are using a DATASET ← —> but i can’t see any —> dataset.onReady() inside of your code. That means you use the DATASET, before the dataset gets ready ?
The problem with that error code appearing is that I had my dynamic dataset permissions set to “Everyone” for READ yet I still encountered that.
Also I have no idea what find() function the error is referring to since at that point of receiving the error (page load), there can’t be any user input so it can’t be my button, the only element to which I implemented a wixData.query…find(), since it has yet to be clicked.
As such, I don’t think there’s anywhere I can set suppressAuth to get rid of this error in particular since apparently wixDataFilter doesn’t have a find(), nor could I find a method to call to set options.
I did not think I needed a dataset.onReady() since I was setting a filter following the setFilter example in Velo Docs. Unless I’m supposed to need to?
I tried swapping my text field back to reference the Stores/Order number and the permissions error came back and this time, when swapping back to the dynamic dataset order number, the error persisted.
Only after I deleted the Stores/Order reference field in my dynamic dataset would the error go away. Curiously, I added the reference field back afterwards and the error did not come back. It appears to only show up if I ever try to reference the Wix Stores collection through a reference field, regardless of whether or not I actually pull information out of the reference field?
This makes sense then since reference fields pointing to another collection would use the permissions of that collection. Even if you don’t query the reference field it still contains the _id of the referenced row which would be governed by the permissions of its respective collection.
Ahh, okay thanks for clearing that up! I guess I can afford to redesign my collection to only take necessary info from the Stores/Orders since I’m only really referencing 1 or 2 text/number fields in it.
It still feels weird that this problem is only ever occurs if I choose to reference the other collections’ fields. Does the dataset object/element in the editor “cache” the information it queries? The way I imagine it is my dataset currently is
And finally when I remove said text element, since the dataset has already joined the 2 collections, it doesn’t revert and therefore would still require elevated permissions?
Uderstanding what exactly is a referenced field will teach you that his is just a ID-connected field.
So if you have 2x DATABASES (A+B)
In DATABASE-A you have for example some Books (titles)
Each book has its own ID.
Referenced to this book → you have an Author who wrote this book and the AUTHOR has it’s own data like → firstname, lastname, age and so on. And of course the author should have the same id like his own written book.
And here we go → we found the meaning of REFERENCE-ID (REFERENCE-FIELD).
Out of 1000-books you would be able to find this way the REFERENCED AUTHOR or vise versa.
Back to your question → no i do not use any textfield, since all this would run by code in background or even on backend, no need to export data to frontend.
I understand how ID is being used in the database, however the way Wix works it doesn’t seem to just be an ID-connected field since depending on how I use the reference field, there seems to be different requirements for level of permissions.
To clarify my primary question, let’s just simplify my example and say I have a public database with schema as such:
{
title: text
foreignObject: reference (_id of a row in another collection with members only permission)
...
}
If I link the a text element to the title field, it works great, everyone can access the page to view the element.
If I link the text element to something in foreignObject, like foreignObject.title, page is now restricted to members, this is fine and makes perfect sense as well.
However, if I specifically link the text element to the foreignObject.title, then unlink the text element from CMS, my expectation is that the page should not be restricted to members since there is nothing linked to foreignObject anymore. Yet the page still remains restricted to members. This issue persists until I delete the dataset element and create a new one.
So the over-arching question would be “Why is this happening?” or “Why should I expect this to happen?”
Oh I see! Strongly hope that’s the case since I did notice they’re slowly rolling out updates to Velo these few days so hopefully once they’re done with that, it’s gonna stabilise.
