You do not have permission to access the requested resource in Python Eve
When hitting the REST endpoint with DELETE ( http: // localhost: 5000 / tax / 559c0180b9f1f1072f240065 ), I get an error. The error was as follows. The tax is the tax I'm trying to remove and the next value in the url is the document ID that I would like to remove.
Status
403 FORBIDDEN Show explanation Loading time: 7
Request headers
Accept: application/json
Origin: chrome-extension://hgmloofddffdnphfgcellkdfbfbjeloo
CSP: active
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.130 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Response headers
Content-Type: application/json
Content-Length: 180
Server: Eve/0.6-dev0 Werkzeug/0.10.4 Python/2.7.6
Date: Tue, 07 Jul 2015 16:46:40 GMT
{
_status: "ERR"
_error: {
message: "You don't have the permission to access the requested resource. It is either read-protected or not readable by the server."
code: 403
}-
}
The payload I used was {"KONG": "Donkey"}
What can I do to fix this problem?
The code I used is in the following links
https://gist.github.com/anonymous/fda6080f3e7910d4be84 https://gist.github.com/anonymous/3bab73901f901087177b
source to share
You also need to provide a header If-Match
(along with the document ETag
) with your request. See Data Integrity and Concurrency Control . By default, Etags are required for all editing operations, but you can opt out by simply setting If-Match
to False
:
If your use case requires you can turn off Concurrency management completely. ETag compliance checks can be disabled by setting the IF_MATCH configuration variable to False (see Global Configuration). When Concurrency management is disabled, there are no responses to it. You must be careful about disabling this feature, as you will effectively expose your API for older versions to replace your documents.
source to share