Shouldn't the unauthenticated error and success data be mutually exclusive?
amritms
Member Posts: 2
Hi everyone,
This is my first time working with graphql and waveapps.
I am creating invoice on behalf of other customer.
Steps I followed:
1. Gather customer's token via oauth2/authorize api
2. create customer
3. create product
4. create draft invoice
5. approve draft invoice
While creating customer and product, I can see either errors or data. But while approving draft invoice, I am receiving both errors and data response. I have checked the waveapps, the invoice is actually approved. Why is the errors returned with data?
Tagged:
0
Comments
Hi @amritms,
The mutation processing has two steps - mutation itself, and query (what to return after a mutation). The
inputErrors
are about what went wrong when trying to run the mutation, and the outererrors
section is anything else, such as problems fulfilling the query.In your scenario the mutation has succeeded, indicated by
data.invoiceApprove.didSucceed: true
.The error "Action not authorized." has a
path
field with value['invoiceApprove', 'invoice', 'items', 0, 'product', 'defaultSalesTaxes']
. This is saying that this error occurred when trying to query/fetch the default sales taxes of the first item/product of the invoice. To retrieve sales tax data, the user needs to grant the necessary OAuth scopes ofsales_tax:read
orsales_tax:*
. This would be similar to the scopes requested for the customer, product, and invoice resource.One additional thing I would add is that I think you are likely fetching extra, unnecessary data as part of each request. For example, a Customer, Product, Sales Tax, Account, Invoice, etc can only ever belong to a single business. As a result, the
business.id
andbusiness.name
will remain the same for all of these entities you are retrieving (you seemed to ask for these fields repeatedly).