I’ve been trying to create a new permissions document. I tried using sanity exec But I get the error: ClientError: The mutation(s) failed: mutation failed on document

15 replies

Last updated: Sep 9, 2020

Hi! I’ve been trying to create a new permissions document. I tried using

sanity exec

But I get the error:

ClientError: The mutation(s) failed: mutation failed on document "_.groups.corePagesEditors": Insufficient permissions; permission "manage" required

What is the correct way of creating permissions documents?

Sep 9, 2020, 8:13 PM

BTW, my script looks something like:

const sanityClient = require('@sanity/client');

const client = sanityClient({
  projectId: 'projectId',
  dataset: 'myDataset',
  token:
    'someToken',
});

const doc = {
  _id: '_.groups.corePagesEditors',
  _type: 'system.group',
  grants: [
    {
      filter: "_type == 'corePage'",
      permissions: ['editHistory'],
    },
  ],
  members: ['someId'],
};

client.create(doc).then((res) =&gt; {
  // eslint-disable-next-line no-console
  console.log(`Document was created, document ID is ${res._id}`);
});

Sep 9, 2020, 8:14 PM

Does your token have the right permissions?

Sep 9, 2020, 8:19 PM

ah! no, I don’t even see those radio buttons. I only see read, write and deploy

Sep 9, 2020, 8:20 PM

What do I need to do to see those radio buttons?

Sep 9, 2020, 8:20 PM

Are you on the enterprise plan?

Sep 9, 2020, 8:21 PM

I’m on an advanced plan

Sep 9, 2020, 8:22 PM

Oh! I see, this is an enterprise plan feature!

Sep 9, 2020, 8:23 PM

I didn’t realize that 😕

Sep 9, 2020, 8:23 PM

Yes, only available on enterprise as far I know

Sep 9, 2020, 8:23 PM

Hm.. any ideas how we can make that more clear? It's quite unfortunate that it's not communicated clearly enough.

Sep 9, 2020, 8:29 PM

I’m using this documentation:
https://www.sanity.io/docs/access-control
It mentions that the

Create Sessions

group is available for the enterprise. But it seems like in order to create custom access control groups, an enterprise plan is required. Is that correct?
If that is the case, just a warning on that page would have been enough.

Sep 9, 2020, 8:38 PM

I mean, if you read those docs, you kinda get the idea that the feature is globally available. So a warning message would be useful.

Sep 9, 2020, 8:40 PM

Thanks for the feedback! In this doc it's more clearly labelled https://www.sanity.io/docs/third-party-login
But I see it's missing from the access control doc. I'll issue a fix.

Sep 9, 2020, 8:43 PM

Thanks for the feedback! In this doc it's more clearly labelled https://www.sanity.io/docs/third-party-login
But I see it's missing from the access control doc. I'll issue a fix.

Sep 9, 2020, 8:43 PM

Added this now, hope that helps others, at least. Sorry for the inconvenience

Sep 9, 2020, 9:12 PM

Sanity.io: Get the most out of your content

Sanity.io is a platform to build websites and applications. It comes with great APIs that let you treat content like data. Give your team exactly what they need to edit and publish their content with the customizable Sanity Studio. Get real-time collaboration out of the box. Sanity.io comes with a hosted datastore for JSON documents, query languages like GROQ and GraphQL, CDNs, on-demand asset transformations, presentation agnostic rich text, plugins, and much more.

Don't compromise on developer experience. Join thousands of developers and trusted companies and power your content with Sanity.io. Free to get started, pay-as-you-go on all plans.