当我尝试 link 一个帐户给另一个用户的电子邮件时,发生了禁止的错误
The forbidden error occurs, when I try to link an account to another user with an email
我有一个具有这些范围的用户刷新令牌:
'https://www.googleapis.com/auth/analytics https://www.googleapis.com/auth/analytics.edit https://www.googleapis.com/auth/analytics.readonly https://www.googleapis.com/auth/analytics.manage.users’’
用户有几个帐户,当我尝试将帐户访问权限授予另一个用户时,XXXX2 帐户发生了禁止错误(您可以在下面的代码和帐户列表中看到 json)。我检查了这个帐户的有效权限字段,我看到它是一个空数组,如下所示。
在我看来,这个错误的原因是这个用户没有这个帐户(XXXX2)的'manage_users'权限,所以这是一个预期的错误,不是吗?
PS:我可以用下面的代码 link XXXX1 正确。
我的代码:
linkAccount = self.service.management().accountUserLinks().insert(
accountId=accountId,
body={
'permissions': {
'local': [
'EDIT',
'MANAGE_USERS'
]
},
'userRef': {
'email': email}}).execute()
用户帐户列表:
{
"id": "XXXX1",
"kind": "analytics#account",
"selfLink": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX1”,
"name": "XXXX1",
"permissions": {
"effective": [
"COLLABORATE",
"EDIT",
"MANAGE_USERS",
"READ_AND_ANALYZE"
]
},
"created": "2014-02-17T17:52:10.911Z",
"updated": "2019-06-04T16:06:12.717Z",
"childLink": {
"type": "analytics#webproperties",
"href": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX1/webproperties"
}
},
{
"id": "XXXX2”,
"kind": "analytics#account",
"selfLink": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX2”,
"name": "XXXX2",
"permissions": {
"effective": []
},
"created": "2015-07-02T19:11:16.307Z",
"updated": "2019-03-05T21:16:19.552Z",
"childLink": {
"type": "analytics#webproperties",
"href": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX2/webproperties"
}
}
错误代码:
<HttpError 403 when requesting https://analytics.googleapis.com/analytics/v3/management/accounts/XXXXX/entityUserLinks?alt=json returned "User does not have permission to perform this operation.". Details: "User does not have permission to perform this operation."
我会检查当前经过身份验证的用户对相关帐户有哪些访问权限。
如果与您进行身份验证的用户只有读取权限。对于 Analytica 帐户,您的应用程序无法添加其他用户。
我有一个具有这些范围的用户刷新令牌:
'https://www.googleapis.com/auth/analytics https://www.googleapis.com/auth/analytics.edit https://www.googleapis.com/auth/analytics.readonly https://www.googleapis.com/auth/analytics.manage.users’’
用户有几个帐户,当我尝试将帐户访问权限授予另一个用户时,XXXX2 帐户发生了禁止错误(您可以在下面的代码和帐户列表中看到 json)。我检查了这个帐户的有效权限字段,我看到它是一个空数组,如下所示。
在我看来,这个错误的原因是这个用户没有这个帐户(XXXX2)的'manage_users'权限,所以这是一个预期的错误,不是吗?
PS:我可以用下面的代码 link XXXX1 正确。
我的代码:
linkAccount = self.service.management().accountUserLinks().insert(
accountId=accountId,
body={
'permissions': {
'local': [
'EDIT',
'MANAGE_USERS'
]
},
'userRef': {
'email': email}}).execute()
用户帐户列表:
{
"id": "XXXX1",
"kind": "analytics#account",
"selfLink": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX1”,
"name": "XXXX1",
"permissions": {
"effective": [
"COLLABORATE",
"EDIT",
"MANAGE_USERS",
"READ_AND_ANALYZE"
]
},
"created": "2014-02-17T17:52:10.911Z",
"updated": "2019-06-04T16:06:12.717Z",
"childLink": {
"type": "analytics#webproperties",
"href": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX1/webproperties"
}
},
{
"id": "XXXX2”,
"kind": "analytics#account",
"selfLink": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX2”,
"name": "XXXX2",
"permissions": {
"effective": []
},
"created": "2015-07-02T19:11:16.307Z",
"updated": "2019-03-05T21:16:19.552Z",
"childLink": {
"type": "analytics#webproperties",
"href": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX2/webproperties"
}
}
错误代码:
<HttpError 403 when requesting https://analytics.googleapis.com/analytics/v3/management/accounts/XXXXX/entityUserLinks?alt=json returned "User does not have permission to perform this operation.". Details: "User does not have permission to perform this operation."
我会检查当前经过身份验证的用户对相关帐户有哪些访问权限。
如果与您进行身份验证的用户只有读取权限。对于 Analytica 帐户,您的应用程序无法添加其他用户。