Missing permissions detection on pageUpdate query | Voters

Missing permissions detection on pageUpdate query

Tim Mackey

Mechanic at the moment is failing to detect and request the correct write permissions on the

pageUpdate

GraphQL query. Given this stub action, the permissions system should detect it:

{% action "shopify" %}
  mutation {
    pageUpdate(
      id: {{ page.id | json }}
      page: {
        body: {{ final_body | json }}
      }
    ) {
      page {
        id
      }
      userErrors {
        field
        message
      }
    }
  }
{% endaction %}

When the task run fails, Mechanic successfully detects the missing permissions with this error:

Action error
GraphQL operation returned data and errors:
{
  "errors": [
    {
      "message": "Access denied for pageUpdate field. Required access: Any of `write_content`, `write_online_store_pages` access scopes.",
      "locations": [
        {
          "line": 3,
          "column": 11
        }
      ],
      "extensions": {
        "code": "ACCESS_DENIED",
        "documentation": "https://shopify.dev/api/usage/access-scopes",
        "requiredAccess": "Any of `write_content`, `write_online_store_pages` access scopes."
      },
      "path": [
        "pageUpdate"
      ]
    }
  ],
  "data": {
    "pageUpdate": null
  }
}
This error indicates that your task requires additional Shopify API permissions.
Required permissions: write_content, write_online_store_pages
First, try using task previews - Mechanic can often detect permissions automatically.
Learn more: https://learn.mechanic.dev/core/tasks/previews
If that doesn't work, you can explicitly declare permissions by adding this to your task code:
{% permissions %}
  write_content
  write_online_store_pages
{% endpermissions %}
Learn more: https://learn.mechanic.dev/platform/liquid/tags/permissions

9 hours ago