Workflow API authorization and anonymous content creation
70 views
Skip to first unread message
Mark Pitely
Feb 5, 2024, 10:37:57 AMFeb 5
to dotCMS User Group
When using the Workflows API (/api/v1/workflow/actions/default/fire/NEW)
you can set the structure you are writing to to have cms_anonymous allowance and then post content. However, after a certain amount (~10?) it stops allowing, giving a message about a limit: this did NOT happen in the past. I understand why this makes sense, but how do I get that limit changed, and can it be set much higher?
I'm using js and velocity. Maybe I'm just being thick, but getting an API Token and using that for auth is fine, but I have to have it plaintext. Is there something clever I am missing? Even if I use the jsontool internally to fetch the token, the token would be public.
Lastly, my content is not publishing, but saving. Is there a different endpoint (than 'NEW'), or can I add something to my json to do 'save + publish'? I saw some text examples that did this.
My json is this:
var dataObj={"contentlet":[{"title":title,"contentType":"navigation","top":top,"path":path,"wordpress":wordpressurl,
"parent":identifier,'html':document.html}]};
"parent":identifier,'html':document.html}]};
Version: 23.01.10
Mark Pitely
Albright College
jonathan...@dotcms.com
Feb 5, 2024, 11:53:48 AMFeb 5
to dotCMS User Group
Hi,
you can fire any these actions:
On more thing, we have an endpoint to do batches in just one call, for instance the following curl is publishing a bunch of new rich text files in just one request.
NEW,
EDIT,
PUBLISH,
UNPUBLISH,
ARCHIVE,
UNARCHIVE,
DELETE,
DESTROY
EDIT,
PUBLISH,
UNPUBLISH,
ARCHIVE,
UNARCHIVE,
DELETE,
DESTROY
in your case /api/v1/workflow/actions/default/fire/PUBLISH may work
If you are using the system workflow for the content type, will work.
```
curl --location 'http://localhost:8080/api/v1/workflow/actions/default/fire/PUBLISH' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic YWRtaW5AZG90Y21zLmNvbTphZG1pbg==' \
--data '{
"contentlets":[
{
"contentType":"webPageContent",
"title":"Content1",
"contentHost":"default",
"body":"Body Content1"
},
{
"contentType":"webPageContent",
"title":"Content2",
"contentHost":"default",
"body":"Body Content2"
},
{
"contentType":"webPageContent",
"title":"Content3",
"contentHost":"default",
"body":"Body Content3"
},
{
"contentType":"webPageContent",
"title":"Content4",
"contentHost":"default",
"body":"Body Content4"
},
{
"contentType":"webPageContent",
"title":"Content5",
"contentHost":"default",
"body":"Body Content5"
},
{
"contentType":"webPageContent",
"title":"Content6",
"contentHost":"default",
"body":"Body Content6"
},
{
"contentType":"webPageContent",
"title":"Content7",
"contentHost":"default",
"body":"Body Content7"
},
{
"contentType":"webPageContent",
"title":"Content8",
"contentHost":"default",
"body":"Body Content8"
},
{
"contentType":"webPageContent",
"title":"Content9",
"contentHost":"default",
"body":"Body Content9"
},
{
"contentType":"webPageContent",
"title":"Content10",
"contentHost":"default",
"body":"Body Content10"
},
{
"contentType":"webPageContent",
"title":"Content11",
"contentHost":"default",
"body":"Body Content11"
},
{
"contentType":"webPageContent",
"title":"Content12",
"contentHost":"default",
"body":"Body Content12"
},
{
"contentType":"webPageContent",
"title":"Content13",
"contentHost":"default",
"body":"Body Content13"
},
{
"contentType":"webPageContent",
"title":"Content14",
"contentHost":"default",
"body":"Body Content14"
},
{
"contentType":"webPageContent",
"title":"Content15",
"contentHost":"default",
"body":"Body Content15"
},
{
"contentType":"webPageContent",
"title":"Content16",
"contentHost":"default",
"body":"Body Content16"
},
{
"contentType":"webPageContent",
"title":"Content17",
"contentHost":"default",
"body":"Body Content17"
},
{
"contentType":"webPageContent",
"title":"Content18",
"contentHost":"default",
"body":"Body Content18"
},
{
"contentType":"webPageContent",
"title":"Content19",
"contentHost":"default",
"body":"Body Content19"
},
{
"contentType":"webPageContent",
"title":"Content20",
"contentHost":"default",
"body":"Body Content20"
}
]
}'
```
Mark Pitely
Feb 15, 2024, 4:47:47 PMFeb 15
to dot...@googlegroups.com
I have resolved the publish issues, thanks.
Mark Pitley
Albright College
Still have to have plaintext for auth because there is no way to get the token via JS without it. I'd love a way to anonymously add to a specific structure, but whatever.
When trying to use the DELETE/UNPUBLISH endpoint, I get: '"A new Contentlet can not fire any of these actions: [EDIT, UNPUBLISH, UNARCHIVE, DELETE, DESTROY]"'
This is definitely an existing piece of content as this is coming from a page pulling. I can update it with that identifier without a problem. I added the inode piece since the error message carried an inode:null somewhere in there.
I also tried with:
let url = '/api/v1/workflow/actions/default/fire/UNPUBLISH?inode='+inode;
which mapped to some of your directions.
From the examples, they list this: (https://www.dotcms.com/docs/latest/creating-a-workflow-content-type-and-content-via-api#fire-new-content-type-content-using-rest)
https://demo.dotcms.com/api/v1/workflow/actions/75f216ff14/fire?inode=1a104580-f88e-4368-9ae5-1b14f4a65e8eThat got me a 405 error. 'Method not allowed'.
What should work:
function do_remove(id,inode){
var dataObj={"contentlet":[{"identifier":id,"contentType":"TexplStudent","inode":inode}]};
let url = '/api/v1/workflow/actions/default/fire/UNPUBLISH';
fetch(url, {
method: 'POST',
headers: {
'Accept': 'application/json, text/plain, */*',
'Content-Type': 'application/json',
"Authorization": "Bearer "+document.token
},
body: jsonout
}).then(res => res.json())
.then(res => really_reload(res) );
}
var dataObj={"contentlet":[{"identifier":id,"contentType":"TexplStudent","inode":inode}]};
let url = '/api/v1/workflow/actions/default/fire/UNPUBLISH';
fetch(url, {
method: 'POST',
headers: {
'Accept': 'application/json, text/plain, */*',
'Content-Type': 'application/json',
"Authorization": "Bearer "+document.token
},
body: jsonout
}).then(res => res.json())
.then(res => really_reload(res) );
}
Albright College
--
http://dotcms.com - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dotcms+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/ef3d8f39-9a49-4637-b80a-70ca9d797f37n%40googlegroups.com.
jonathan...@dotcms.com
Feb 19, 2024, 8:30:14 PMFeb 19
to dotCMS User Group
Hi
The method not allowed may be b/c the body is not being sent. You have to put an empty body to be a valid one for the server such as
{}
{}
Best,
J
Reply all
Reply to author
Forward
0 new messages