Adding Advanced Filters for Service Access in Role Errors


#1

Good Day,

I’ve been looking around the internet to figure out why when I add a filter so the user can only find and edit their records, it gives me an error of “Field must be a valid integer”. I’ve followed all of the blog, forum and video posts and it doesn’t change.

I’ve set up my MariaDB instance, service, app, and role. I select mariadb, the _table/mytable/ and add the filter owner_id = {user.id} and when I GET on the API it says the field ‘owner_id’ must be a valid integer. The column is set as ‘user_id’.

I installed DreamFactory with Bitnami on AWS EC2 version 2.7.0

Any insight to why this is happening is greatly appreicated.

Kind Regards


#2

Hi John
Did you find a solution to this problem?
I’m using MySQL and have an field called owner_id set as Integer
I’m comparing it to {user_id} but I get the same error you have:

{“error”:{“code”:400,“context”:null,“message”:“Field ‘owner_id’ must be a valid integer.”,“status_code”:400}}

Many thanks


#3

You didn’t say where you added the filter. In my experience, filters work fine for GET. But they don’t work PATCH, PUT.

My solution:

  • Put a filter on the GET method for a table or a view that contains whatever data so you can do the filtering there.
  • Put a pre-processing script on the PATCH etc endpoint that first checks whether it can GET the corresponding record. Throw an error if you can’t GET the record, because it means the user is not allowed to edit the record.

This method also allows for filtering on data that is not in the table that is being edited, as you can use a view to base the filter on. And the view can of course contain any data relevant for establishing authorization.