Cannot create record using RESTApi / Javascript

20 views
Skip to first unread message

Stefan Messmer

unread,
Nov 4, 2025, 9:49:36 AM (10 days ago) Nov 4
to py4web
Hello
I am trying to insert a record in one of my tables using Javascript. The script does the following:

    fetch("../api/anomalies",{

        method: "POST",

        headers: {

            "Content-Type": "application/json",

        },

        body: JSON.stringify({

            "position": x,

            "position_y": y,

            "a_half_axis": 20,

            "b_half_axis": 20,

            "camera_id": camera,

            "inspection_id": myInspection,

            "label": anomaly_type,

            "confirmed": true,

            "modifier": email

        })

    }).catch((error) => {

        console.error(error);

    });


The backend looks as follows:

# policy definitions

policy = Policy()

policy.set('*', 'GET', authorize=True, allowed_patterns=['*'])


# for security reasons we disabled here all methods but GET at the policy level,

# to enable any of them just set authorize = True

policy.set('*', 'PUT', authorize=False)

policy.set('anomalies', 'POST', authorize=True)

policy.set('*', 'DELETE', authorize=False)


@action('api/<tablename>/', method = ['GET', 'POST'])

@action('api/<tablename>/<rec_id>', method = ['GET', 'PUT', 'DELETE'])

@action.uses(db)

def api(tablename, rec_id=None):

    return RestAPI(db, policy)(request.method,

                            tablename,

                            rec_id,

                            request.GET,

                            request.POST

                            ) 


However nothing gets inserted into the database. I have just started with py4web and it would be a big time saver, if I could insert these records programmatically. By the way: fetching a record works perfect.


Any idea what I have done wrong?


Many thanks

Stefan Messmer


Stefan Messmer

unread,
Nov 4, 2025, 3:21:05 PM (9 days ago) Nov 4
to py4web
After a few trials I have now a reproducible error message:
{api_version: "0.1", code: 401, message: "Not authorized", status: "error", timestamp: "2025-11-04T20:15:47.530593"}
Many thanks and best regards
Stefan Messmer

Massimo DiPierro

unread,
Nov 6, 2025, 3:01:57 AM (8 days ago) Nov 6
to py4web
I cannot reproduce your problem. Here is my code:

db.define_table(
"thing",
Field("name"))

policy = Policy()
policy.set('*', 'GET', authorize=True, allowed_patterns=['*'])
policy.set('*', 'PUT', authorize=False)
policy.set('thing', 'POST', authorize=True)
policy.set('*', 'DELETE', authorize=False)
@action('api/<tablename>/', method = ['GET', 'POST'])
@action('api/<tablename>/<rec_id>', method = ['GET', 'PUT', 'DELETE'])
@action.uses(db)
def api(tablename, rec_id=None):
return RestAPI(db, policy)(request.method,
tablename,
rec_id,
request.GET,
request.POST)

tested with

$ curl -X POST -H "Content-Type: application/json" -d '{"name": "cat"}' http://127.0.0.1:8000/test1/api/thing
{
  "api_version": "0.1",
  "code": 200,
  "errors": {},
  "id": 4,
  "status": "success",
  "timestamp": "2025-11-06T07:59:04.046538"
}

If you want to send a minimalist app that can help me reproduce I will help you debug more.

Stefan Messmer

unread,
Nov 6, 2025, 7:25:11 AM (8 days ago) Nov 6
to py4web
Ok.  I found the problem. Your policy settings are different from mine. I adjusted them and now it works.

Many thanks from your help
Stefan

Reply all
Reply to author
Forward
0 new messages