Uploading files as Submitter failed (FileClient)

Hey,
I’m writing an app that allows the user to add files to my pod. The user currently logs in to the app and selects the file that he would like to add. It works as it should. At least if the app has the right permissions, and the user is assigned to the poster role. The user cannot change anything, but he can still read. If I now degrade the user and give him the submitter’s role, my upload no longer works. I can’t explain why this should be the case other than that it may be due to the response from the FileClient.

My function:

   const fileClient = new FileClient(session);
   const remoteFolder = folderUrl;

   for(let i = 0; i < files.length; i++) {
     const file = files[i];
     const url = remoteFolder + file.name;

     console.log(`Uploading ${file.name} to ${url}`);

     try {
       const res = await fileClient.postFile(url, file, file.type);
       const msg = `${res.status} Uploaded ${file.name} to ${res.url}`;
       console.log(msg);

       document.getElementById(
           "fileWriteStatus"
       ).textContent = `Message: ${msg}`;
     } catch (err) {
       console.error(err);
       document.getElementById(
           "fileWriteStatus"
       ).textContent = `Error: ${msg}`;
     }
   }

Error as Submitter:

[Error] Failed to load resource: the server responded with a status of 403 (All Required Access Modes Not Granted)

[Error] SFCFetchError: SFCFetchError 403 https://myAccount.solidcommunity.net/myTestFolder/ - Make sure that the origin of your app is authorized for your pod

construct
a — construct.js:19
e — wrapNativeSuper.js:26
construct
(anonyme Funktion) — folderUtils.js:106
r — errorUtils.js:38
assertResponseOk — errorUtils.js:93
promiseReactionJob

(anonyme Funktion) (my-demo-app.e31bb0bc.js:143904)
asyncFunctionResume
(anonyme Funktion)
promiseReactionJobWithoutPromise
promiseReactionJob

I have another question. As far as I understand, both the app and the logged-in user must have the appropriate rights to access the pod. The real access rights result from the intersection of the access rights of the app and the user. Is there any way I could allow an app to write files directly to a pod? So that the user does not have to log in to my app beforehand.

To start with your general question : It is possible to make a folder writable by anyone, regardless of whether they are logged in, but that is dangerous, for obvious reasons. In the future, there are plans to give an app a webId and at that point, it may be possible to give rights to un-logged-in users of that app but not un-logged-in users in general. But AFAIK, that can’t be done now.

As far as your specific Solid-FIle-Client issue - can you double check that both the app AND the user have append access to both the resource you want to write to AND to the container the resource is in.

The files to upload selected via the WebUI of my app. For this, I use the <input> tag with the attribute multiple in the HTML. In the change event, I read the FileList object of the input element. (files = evt.target.files;) I have full access to all files used.

The structure in the pod is as follows:

  • root
    • /myTestFolder

Access rights:

My App:
http://localhost:1234: {read: true, append: true, control: true, write: true}

I changed the access rights to the folder via the WebUI. When querying the permissions in the code, I get the following output. As soon as the permissions set as listed here, the mentioned error occurs. If I set the read access for myFriendsAccount to true, the error no longer occurs.

Access to root:

  • myAccount: {read: true, append: true, control: true, write: true}
  • mailto: my@email.com: {read: true, append: true, control: true, write: true}

myTestFolder:

  • myAccount: {read: true, append: true, control: true, write: true}
  • myFriendsAccount: {read: false, append: true, control: false, write: false}
  • mailto: my@email.com: {read: true, append: true, control: true, write: true}

@jeffz hope I got you right and this is the information you asked for. If I should look elsewhere or something is missing, I’ll be happy to submit it.