Permission error NoMatchingRuleFound

I’m using mongodb atlas with mongodb realm graphql api. I’m justing use realm ui and postman.

1 - I made a simple colletion called patient on atlas.
2 - I made a simple realm app.
3 - I made a rule with “Users can only read and write their own data” template.
4 - I put {“user.id”: “%%user.id”} on Apply When field.
5 - I made a schema like that:

{
  "title": "patient",
  "properties": {
      "_id": {
          "bsonType": "objectId"
      },
      "name": {
          "bsonType": "string"
      },
      "user": {
          "bsonType": "objectId"
      }
  }
}

6 - I’m not using sync.
7 - i turn on email/password auth.
8 - i create a email/password on realm ui.
9 - I review and deploy.

When i try to insert patient by postman, the api returns:

reason=“no matching role found for document with _id: ObjectID(\“606dfbeef6c4be4cb6d91831\”)”; code=“NoMatchingRuleFound”; untrusted=“insert not permitted”; details=map[]

This is my request on curl:

curl --location --request POST 'https://realm.mongodb.com/api/client/v2.0/app/aaaa/graphql' \
--header 'email: aaaa@aaaa.com' \
--header 'password: aaaa' \
--header 'Content-Type: application/json' \
--data-raw '{"query":"mutation {\r\n    insertOnePatient(data:{\r\n        name: \"heeeeee\"\r\n    }) {\r\n        _id\r\n        name\r\n    }\r\n}","variables":{}}'

it’s work when i try to insert using graphql realm ui. :frowning:

some ideia?

this is my app url https://realm.mongodb.com/api/client/v2.0/app/nicetry-mdjhm/graphql

Hi @Bob_Dylan, welcome to the community.

Could you please share the full rule definition for this collection (e.g., click on the “ADVANCED MODE” button and copy the JSON)?

Also, is there an error shown in the Realm logs?

Hi Andrew,

{
  "roles": [
    {
      "name": "owner",
      "apply_when": {
        "user": "%%user.id"
      },
      "insert": true,
      "delete": true,
      "search": true,
      "write": true,
      "fields": {},
      "additional_fields": {}
    }
  ],
  "filters": [],
  "schema": {
    "title": "patient",
    "properties": {
      "_id": {
        "bsonType": "objectId"
      },
      "name": {
        "bsonType": "string"
      },
      "user": {
        "bsonType": "string"
      }
    }
  }
}

i made a request today and i dont saw any error, but i saw a error two days ago with this message: “no authentication methods were specified”.