Permission error NoMatchingRuleFound

Bob_Dylan · April 7, 2021, 6:43pm

I’m using mongodb atlas with mongodb realm graphql api. I’m justing use realm ui and postman.

1 - I made a simple colletion called patient on atlas.
2 - I made a simple realm app.
3 - I made a rule with “Users can only read and write their own data” template.
4 - I put {“user.id”: “%%user.id”} on Apply When field.
5 - I made a schema like that:

{
  "title": "patient",
  "properties": {
      "_id": {
          "bsonType": "objectId"
      },
      "name": {
          "bsonType": "string"
      },
      "user": {
          "bsonType": "objectId"
      }
  }
}

6 - I’m not using sync.
7 - i turn on email/password auth.
8 - i create a email/password on realm ui.
9 - I review and deploy.

When i try to insert patient by postman, the api returns:

reason="no matching role found for document with _id: ObjectID(\"606dfbeef6c4be4cb6d91831\")"; code="NoMatchingRuleFound"; untrusted="insert not permitted"; details=map

This is my request on curl:

curl --location --request POST 'https://realm.mongodb.com/api/client/v2.0/app/aaaa/graphql' \
--header 'email: aaaa@aaaa.com' \
--header 'password: aaaa' \
--header 'Content-Type: application/json' \
--data-raw '{"query":"mutation {\r\n    insertOnePatient(data:{\r\n        name: \"heeeeee\"\r\n    }) {\r\n        _id\r\n        name\r\n    }\r\n}","variables":{}}'

it’s work when i try to insert using graphql realm ui.

some ideia?

Bob_Dylan · April 7, 2021, 7:38pm

this is my app url https://realm.mongodb.com/api/client/v2.0/app/nicetry-mdjhm/graphql

Andrew_Morgan · April 8, 2021, 11:08am

Hi @Bob_Dylan, welcome to the community.

Could you please share the full rule definition for this collection (e.g., click on the “ADVANCED MODE” button and copy the JSON)?

Also, is there an error shown in the Realm logs?

Bob_Dylan · April 9, 2021, 1:05pm

Hi Andrew,

{
  "roles": [
    {
      "name": "owner",
      "apply_when": {
        "user": "%%user.id"
      },
      "insert": true,
      "delete": true,
      "search": true,
      "write": true,
      "fields": {},
      "additional_fields": {}
    }
  ],
  "filters": [],
  "schema": {
    "title": "patient",
    "properties": {
      "_id": {
        "bsonType": "objectId"
      },
      "name": {
        "bsonType": "string"
      },
      "user": {
        "bsonType": "string"
      }
    }
  }
}

i made a request today and i dont saw any error, but i saw a error two days ago with this message: “no authentication methods were specified”.

Vishal_Shetty · March 23, 2022, 2:53am

I am also getting the same issue, any solution to this?

Guido_Lopez · September 17, 2022, 6:46am

Hello, did you ever find the solution? I’m triying to implement quite the same role.

rouuuge · November 21, 2023, 9:07am

hi,

Where put you in that rule?

regards

Russ_Decker · November 28, 2023, 12:06am

Having a similar issue… have a ticket with mongo support and no one can seem to figure it out… getting noMatchingRole found when it should have a matching role and has in the past. Very frustrating and not a good thing to have issues with authorization.

Tyler_Kaye · November 28, 2023, 12:12am

Can you share your application ID?