This topic contains 6 replies, has 0 voices, and was last updated by FHC 8 years, 1 month ago.

  • Author
    Posts
  • #6084

    FHC

    I seem to run into this every time I write a new script (mostly Suitelets). There’s no rhyme or reason to fixing it. Most of the time, it just seems to be fixed by following the same steps I did before it broke.

    I write my script. Nothing fancy. Mostly just executing saved item searches and returning JSON or XML. I create the script record. I deploy the record, making sure to check “Available Without Login”, executing as my current role (admin) and selecting all roles under “Audience”. I save to deploy. The internal URL works fine. Yay!. The External URL? “You do not have privileges to view this page” error. EVERY. DAMN. TIME.

    I fiddle with it and try every combination of settings I can think of. I reference other scripts that are currently working and match their settings exactly. Same error.

    What am I doing wrong here? I just want a simple Suitelet to be accessible via that external URL, run an item search and return some JSON/XML. Is that really so much to ask?
    This is a cached copy. Click here to see the original post.

  • #6085

    FHC

    The error in my Sandbox account is at least a little more descriptive:

    “Permission Violation: You need the ‘Lists -> Items’ permission to access this page. Please contact your account administrator.”

  • #6086

    david.smith

    Scripts available externally have no role when the script is executing. So the system doesn’t have the permissions needed to do what you want.

    Executing “as current role” means that whoever is logged in and running the script it uses their current role. So in the case of externally available, there again is no role.

    Best practices would be for you to create a role that has only the specific permissions needed to run the script successfully. Then in the ‘execute as’ you would select that role.

  • #6087

    david.smith

    One more thing, I would utilize a restlet with token based authentication for best security.

  • #6088

    FHC

    Thanks, David. That makes sense for the most part. Like I said, though, I have older external scripts that execute just fine with “Current Role” or “Full Access” selected. Is this a new restriction?

    In either case, I can try to create a new role. I’m unfamiliar with creating roles, unfortunately. Do I just go through under Permissions and only set View under “Lists -> Items”? And maybe select “Web Services Only”? I’ve done all that and I’m still getting the same error. Am I missing something? Sorry for all the questions. I’ve never dealt with roles before.

    PS – I posted in the other thread, too, but your Saved Search to Suitescript was a huuuuuuge help to me last night. You literally saved me hours of work.

  • #6089

    david.smith

    This isn’t relatively new. It’s been a few years now I think. For now, try and just select the administrator role on your deployment. Save and then see if you can open the external link in an incognito window. If it now works you know you’re on the right track.

    You will not need the web services only selection. That might restrict it and never work.

    Glad you like the saved search extension. Are you using the HTML Script Notes? I find that one very useful when troubleshooting and debugging my scripts.

  • #6090

    FHC

    Ugh. OK, in classic fashion, I was not opening the external URL in an incognito window and receiving an error regardless. Opened it in an incognito and worked immediately. Looks like you’ve saved my bacon again. I definitely owe you a drink or to.

    That other extension looks promising as well…

    Thanks for your help!


    david.smith replied on 10/18/2016, 12:32 PM: Vegas in April! Hope to see you there.

You must be logged in to reply to this topic.