The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
no_permission when creating user through mobile API
SOLVED: See posts #4 and #5
The call to api.init generates the required access token, client id, secret, and api version, but the call to user.save is returning an no_permission error. Using vBCloud 5.6.0 Here's the code snippet to api.init: PHP Code:
PHP Code:
HTML Code:
adminoptions=&api_m=user.save&options=&password=123&user%5Bemail%5D=test%40test.com&user%5Busergroupid%5D=14&user%5Busername%5D=Test&userfield=&userid=0&api_s=XXX&api_sig=XXX&api_v=560 There's very little documentation on the API, any help would be appreciated? Thanks |
#2
|
|||
|
|||
Without login?
Just a guess: api.init, user.login2,api.init (on first page of api docs is written - needed after .login, but after login2?), and then user.save |
#3
|
|||
|
|||
I tried logging in as Administrator after api.init and before api.save, and got both session and cpsession hashes so login was successful, but api.save still gives no_permission.
I also tried calling api.init again after user.login2, no change. That said, whenever I include api_c in login2 or save method calls, I get "invalid_api_signature". If I remove api_c and keep api_s, api_sig and api_v, I am able to login, but user.save gives the no_permission error. At this point, I'm out of ideas. |
#4
|
|||
|
|||
Yepp, api docs are really bad. Solution is the security token getting by login call.
Following example works in my local xammp dev enviroment. I've used loginSpecificUser but also login2 is possible. After login fetchCurrentUserinfo and get username (to check if correct login) and securitytoken. After that an example for adding an post and adding a user. You need to change apikey, urlapibase, userid and password for userid PHP Code:
|
#5
|
|||
|
|||
Many many thanks. I finally got it to work.
But for anyone who comes across this thread, here's what I discovered. The call to the api works in GET mode, but not HTTP POST. It only works in POST mode if you provide the full url with the query parameters in the url and not only as CURLOPT_POSTFIELDS Both my version of the code and yours work when the HTTP call is modified accordingly, so there was need to fetch the admin and the security token after logging in. The sequence is api.init ---> api.login2 ---> api.save This is clearly a bug in the api! |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|