delete file from appery database via service

I have my first delete service but when I attempt to delete files I get error:
405 method not allowed.

I am making an admin screen to manage files uploaded- delete etc. I am not sure if my problem is related to my request id used or security. I also tried a service test with same result.

For example, for the file:

https://api.appery.io/rest/1/db/files/51b642afe4b0e832dd8ff37c/f7090c13-77ae-4d5c-a846-c81f250cb716.image.jpg

I am including in my request:
filename=f7090c13-77ae-4d5c-a846-c81f250cb716.image.jpg

I also have a related question about administration of files via REST- When others create a file, do I need to explicitly give each uploaded file write permissions each time, for an admin user or is there a superuser database account that can do that with? Maybe my Appery.io login?
1 person has
this question
+1
This topic is no longer open for comments or replies.
  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. happy, confident, thankful, excited kidding, amused, unsure, silly sad, anxious, confused, frustrated indifferent, undecided, unconcerned

  • Thanks- In attempting to start from scratch, I deleted the service tack_tackFile_delete_service. Now I cannot figure out how to get it back. I thought maybe that it was automatically created when adding tack_text_delete_service (one of the collections) so I deleted and re-added that, but it did not work. How do I add back the file delete service?
  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. happy, confident, thankful, excited kidding, amused, unsure, silly sad, anxious, confused, frustrated indifferent, undecided, unconcerned

  • Hello! Services you use to work with files don't create automatically. You have to create them manually. The link Katya suggested http://docs.appery.io/documentation/b... should help. If service returns any error - please post service setting screenshot.
  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. kidding, amused, unsure, silly happy, confident, thankful, excited indifferent, undecided, unconcerned sad, anxious, confused, frustrated

  • I am not getting any errors because I cannot find a way to add the service back.
    here is the list of current services in project:


    Here is the list of available database services:


    There are no ...File... choices available
  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. happy, confident, thankful, excited kidding, amused, unsure, silly sad, anxious, confused, frustrated indifferent, undecided, unconcerned

  • here is a service list for an earlier version of my project which contains the missing ...tackFile... delete service
  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. happy, confident, thankful, excited kidding, amused, unsure, silly sad, anxious, confused, frustrated indifferent, undecided, unconcerned

  • Hello! Just to clarify - after you click Create New --> Database Services you imported all services for "tack" DB then deleted "tack_tackFile_delete_service" and now you are not able to add it back?
  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. happy, confident, thankful, excited kidding, amused, unsure, silly sad, anxious, confused, frustrated indifferent, undecided, unconcerned

  • Hi Sean,

    To delete file create a simple REST Service with parameters object (probably tack_settings) as Settings. Add the following headers:
    X-Appery-Database-Id: {database_id}
    X-Appery-Session-Token: from localStorage (maybe!)

    As an address use "https://api.appery.io/rest/1/db/files..."
    and set DELETE request method.
  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. kidding, amused, unsure, silly happy, confident, thankful, excited indifferent, undecided, unconcerned sad, anxious, confused, frustrated

  • Hi
    Thanks for the help so far. I have have been able to delete a file if the creator deletes, but I still need to understand how to give an admin account delete permission.
    Reading this:
    http://docs.appery.io/documentation/b...

    leads me to believe I need to explicitly set permissions on each file when creating it to include the admin account id in the acl list of file if I want to give that user delete capability. Is that correct?

    Right now, I have test file with acl of (get created automatically after sign in and following code):
    {"*":{"read":true},"51f275d7e4b0c2d8935a62ee":{"read":true,"write":true}}

    If I want to add another user id with delete permission how do I do that? I am specifically thinking of uploading files via ajax/javascript like so:

    var serverUrl = 'https://api.appery.io/rest/1/db/files/' + file.name;
    $.canvasResize(file, {
    width: 300,
    height: 0,
    crop: false,
    quality: 80,
    //rotate: 90,
    callback: function(data, width, height) {
    $('<img>').attr('src', data);
    var f = dataURItoBlob(data);
    $.ajax({
    type: "POST",
    beforeSend: function(request) {
    request.setRequestHeader("X-Appery-Database-Id", tack_settings['database_id']);
    request.setRequestHeader("X-Appery-Session-Token", localStorage.getItem('token'));
    request.setRequestHeader("Content-Type", 'image/jpeg');
    },
    url: serverUrl,
    data: f,
    processData: false,
    contentType: false,
    success: function(data) {
    alert("success");
    localStorage.setItem('image_url', data.fileurl);
    createAd.execute( {} );
    },
    error: function(data) {
    alert('there was a problem saving your photo');}
    });
    }


    I understand I can use a master key in a "trusted" environment but I am guessing that that does not mean a public web site.
    • Hello! We would need to check that with dev team. I'll update when have information.
    • Hello! Sorry for late reply. You can't set acl and upload file at the same time. You can upload file first and then update acl. To do that you should run the following request:
      curl -X PUT \
      -H "X-Appery-Database-Id: <databaseID>" \
      -H "X-Appery-Session-Token: <userSessionToken>" \
      -H "Content-Type: application/json" \
      -d '{<user>:{<permissionType>:<boolean>,...},...}'
      https://api.appery.io/rest/1/db/files/<fileName>/acl

      where: is Appery DB user's session token;
      is database unique identifier;
      is the name of file in DB;
      is userId, or " * " for 'public' ACL;
      is "read" or "write";
  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. kidding, amused, unsure, silly happy, confident, thankful, excited indifferent, undecided, unconcerned sad, anxious, confused, frustrated

  • I am doing something wrong when adding this permission via service call. When I upload the file: Under Files in console, I get the file permissions setup as normal with file name, owner, and public read and owner read/write.

    When I then call my service to add permissions to the file for my admin account a new row is added to the files tab. Instead of listing the file name, I get a new name with the .acl extension. The file type is not 'image/jpeg' but rather 'application/json'

    I expected to see a modified acl for the file thus having only one row.

    The ownership is same and the acl is same:
    {"*":{"read":true},"my-user-id":{"read":true,"write":true}}



    Here is what my service setup looks like:

  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. kidding, amused, unsure, silly happy, confident, thankful, excited indifferent, undecided, unconcerned sad, anxious, confused, frustrated

  • Hello!
    1) there are different names of filename parameter on your screenshots (filename and fileName) that's why file can't be found and new record is added.
    2) filename should be the same you receive from Uploading to DB service (with symbols added at the beginning)
    3)
    Should permission changes be full replace or an addition to existing
    full replace
    4)
    I also do a javascript in mapping to set the userId
    it's not correct. You need to send object only. It means you can't update through services, you should use ajax (as with uploading files). You can use service only if you want to give rights to read and write to everyone - then you can give parameter name * and add in mapping:
    return {"read": true, "write": true};
  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. kidding, amused, unsure, silly happy, confident, thankful, excited indifferent, undecided, unconcerned sad, anxious, confused, frustrated

  • This reply was removed on 2013-08-02.
    see the change log
  • thanks- I am still having a little trouble forming the code for the ajax to change permission.

    I get error:
    POST https://api.appery.io/rest/1/db/files... 405 (Method Not Allowed)

    I have:
    function setPerm() {

    //https://api.appery.io/rest/1/db/files...
    var dbFileName =localStorage.getItem('image_url').replace("https://api.appery.io/rest/1/db/files...","");;
    var serverUrl = 'https://api.appery.io/rest/1/db/files/' + dbFileName + '/acl';
    var currentUser=localStorage.getItem('sId');
    var myPermissions= '{\"' + currentUser + '\": { \"read\": true, \"write\": true }, \"my-admin-user-id\": { \"read\": true, \"write\": true }, \"*\" : { \"read\" : true }}';
    console.log(myPermissions);
    $.ajax({
    type: "POST",
    beforeSend: function(request) {
    request.setRequestHeader("X-Appery-Database-Id", tack_settings['database_id']);
    request.setRequestHeader("X-Appery-Session-Token", localStorage.getItem('token'));
    request.setRequestHeader("Content-Type", 'application/json');
    },
    url: serverUrl,
    data: myPermissions,
    //processData: false,
    //contentType: false,
    success: function(data) {
    alert("success");
    console.log('saved permissions ok');
    },
    error: function(data) {
    alert('problem saving permissions');
    }
    });
    } //end setPerm
  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. happy, confident, thankful, excited kidding, amused, unsure, silly sad, anxious, confused, frustrated indifferent, undecided, unconcerned

  • Hi Sean,

    Marina mentioned request PUT method above. I see you use POST. Please try using PUT method.
  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. happy, confident, thankful, excited kidding, amused, unsure, silly sad, anxious, confused, frustrated indifferent, undecided, unconcerned