Feature(s) impacted
Smart relations
Observed behavior
Creating a new record with a smart relationship makes a POST call to the record and then a PUT call to the relationship collection. This means that the user making creating the record has to have create and update permissions in order to do this otherwise you get a Forbidden error thrown.
There are use cases where we don’t want to give a role update permissions but still be able to create records which. Conceptually, it doesn’t really make sense to give a role update permissions in order to create records.
Expected behavior
I want to to be able to create a record with a smart relation without needing update permissions.
Context
- Project name: Emma
- Team name: Emma
- Environment name: Any
- Agent technology: nodejs,
- Agent (forest package) name & version: @forestadmin/agent: 1.51.0
- Database type: MySQL