SpacetimeDB icon indicating copy to clipboard operation
SpacetimeDB copied to clipboard
verified publisher icon clockworklabs

`spacetime sql` says credentials are incorrect when `-a` is passed

Open bfops opened this issue 1 year ago • 3 comments

We tried to run a spacetime sql query as a non-admin user and attempted to use the -a flag (which allows for passing an anonymous identity to SpacetimeDB). When we did this, we got a 401: Unauthorized even when using spacetime sql on a public table. This should not be the case and you should be able to use spacetime sql on public tables and you should also be able to use spacetime call on reducers even with an anonymous identity.

Definition of Done

  • [ ] Passing -a correct results in creating a new identity for the user on-the-fly
    • So -a functions the same as manually creating a new (non-privileged) identity and then using that identity to do the thing
  • [ ] An integration test is added so that this can't be regressed

bfops avatar Jul 16 '24 17:07 bfops

Context: https://discord.com/channels/931210784011321394/1270434226814324862/1271084529854976071

cloutiertyler avatar Aug 19 '24 19:08 cloutiertyler

I was unable to repro:

my_new_project $ spacetime sql -a -s local test-module 'select * from PrivateTable;'
Error: HTTP status Client error (401 Unauthorized): UnauthorizedError: "Table `PrivateTable` is private"

my_new_project $ spacetime sql -a -s local test-module 'select * from PublicTable;'
 name 
------

bfops avatar Aug 19 '24 19:08 bfops

I was able to repro this successfully, but only on 0.10.1. I think it must have been fixed somehow since then.

bfops avatar Sep 04 '24 15:09 bfops