我有一个具有以下作用域的用户刷新令牌:
'https://www.googleapis.com/auth/analyticshttps://www.googleapis.com/auth/analytics.edithttps://www.googleapis.com/auth/analytics.readonlyhttps://www.googleapis.com/auth/analytics.manage.users''
该用户有几个帐户,当我试图将访问帐户的权限授予另一个用户时,XXXX2帐户会发生禁止错误(您可以在下面的代码和帐户列表json中看到(。我检查了这个帐户的有效权限字段,我发现它是一个空数组,你也可以在下面看到。
在我看来,这个错误的原因是这个用户没有这个帐户(XXXX2(的"manage_users"权限,所以这是一个预期的错误,不是吗?
PS:我可以用下面的代码正确地链接XXXX1。
我的代码:
linkAccount = self.service.management().accountUserLinks().insert(
accountId=accountId,
body={
'permissions': {
'local': [
'EDIT',
'MANAGE_USERS'
]
},
'userRef': {
'email': email}}).execute()
用户帐户列表:
{
"id": "XXXX1",
"kind": "analytics#account",
"selfLink": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX1”,
"name": "XXXX1",
"permissions": {
"effective": [
"COLLABORATE",
"EDIT",
"MANAGE_USERS",
"READ_AND_ANALYZE"
]
},
"created": "2014-02-17T17:52:10.911Z",
"updated": "2019-06-04T16:06:12.717Z",
"childLink": {
"type": "analytics#webproperties",
"href": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX1/webproperties"
}
},
{
"id": "XXXX2”,
"kind": "analytics#account",
"selfLink": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX2”,
"name": "XXXX2",
"permissions": {
"effective": []
},
"created": "2015-07-02T19:11:16.307Z",
"updated": "2019-03-05T21:16:19.552Z",
"childLink": {
"type": "analytics#webproperties",
"href": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX2/webproperties"
}
}
错误代码:
<HttpError 403 when requesting https://analytics.googleapis.com/analytics/v3/management/accounts/XXXXX/entityUserLinks?alt=json returned "User does not have permission to perform this operation.". Details: "User does not have permission to perform this operation."
我会检查当前经过身份验证的用户对有问题的帐户有什么访问权限。
如果与您进行身份验证的用户仅具有读取访问权限。对于Analytica帐户,将无法为您的应用程序添加另一个用户。