[SOLVED] Delete member access denied

Hello dear devs,

i‘m facing an issue (I did report to wix help) but It would interesting is someone else do find the issue !

I have a code in backend that delete and recreate members.

unfortunately, it is working in the editor but not in live site, the catch retrieve me the error below, that comes from delete member I guess, but there is no documentation for a suppressAuth or something telling me admin only can use that ! 😅

Any thoughts ?

I post the code direcly (@Yisrael (Wix) , did you think there is any issue on the wix members API itself ?)

import { members, authentication } from 'wix-members-backend';
import { checkout, orders } from 'wix-pricing-plans-backend';
import wixData from 'wix-data';


// Sample id value:
// 'efab296e-2687-4751-9956-ee73200dd4bb'

export async function deleteMember(id, email) {

    let override = {
        "suppressAuth": true,
    };
   
    const listedOrders = await orders.listOrders({}, {}, {}, override);

    return await members.deleteMember(id)
        .then(async () => {

            console.log('Member deleted');
        
            let password = await wixData.query('Clients').eq('mail', email).find(override).then((res) => { return res.items[0].motDePasse })
            let options = {
                contactInfo: {

                    firstName: await wixData.query('Clients').eq('mail', email).find(override).then((res) => { return res.items[0].prenom }),
                    lastName: await wixData.query('Clients').eq('mail', email).find(override).then((res) => { return res.items[0].nom })

                }
            }
            return await authentication.register(email, password, options).then(async (newMember) => {
                    console.log(newMember)
                    if (listedOrders.length > 0) {
                        try {
                            let orderRetrieve = listedOrders.filter(a => a.buyer.memberId === id)
                            if (orderRetrieve.length > 0) {
                                const order = await checkout.createOfflineOrder(orderRetrieve[0]._id, newMember.member._id, override);
                                const plan = order.endDate;
                                const orderType = order.type;
                                await orders.postponeEndDate(order._id, orderRetrieve[0].endDate, override);
                            }
                        } catch (error) {
                            console.error(error);
                        }
                    }
                    return newMember.sessionToken

                })

                .catch((error) => {
                    console.error(error);
                });

        }).catch((error) => {
            console.error(error);
        });

}

1 Comment

Unknown member

Oct 19, 2022

Best Answer

Ok i had an answer back :

for those who are wondering what’s the authorizations :

- it is admin only

- it doesn’t have auth suppr

- it can be called by data hooks, http functions or scheduled job only But unfortunately, it's giving me the same error.

Delete member access denied

How can we make the product better?