Testing bucket for write permission using the Swift API

InfluxDB 2
1

I have been using this query with the InfluxDB Swift API with InfluxDB Cloud to test if a bucket is accessible and would like to expand it to confirm that the bucket has a token with write permission:

from(bucket: \"bucket") |> range(start: -1m) |> limit(n:1)

Being simple -minded I (and after looking the various Management APIs to get the bucket/API token permissions I went with this:

       do {
            try await client.makeWriteAPI().write(points: [])
            permissions = .readWrite
        } catch {
            permissions = .read
        }

but this doesn’t work because the there aren’t any points in the list. If I create a point the code does work but now I have modified the bucket and would have to delete the point.

Is there a better way to test if a bucket can be written, perhaps without performing a write?

2

No ideas anyone?

I guess I’ll just do a single write and move on.

3

Hello @sillygoose,
All buckets can be written to but I think what you want to test or rather verify is whether or not the token you’re using provides auth to write to it.
I would use the following:

Otherwise if you truly need to test a write I can’t think of another way to do that.
Thank you for your question.

4

Thanks for the reply and helpful suggestion. I feel I am missing something since using the API I responses but don’t see anything that helps me sort out the authorization status.

For example if I query the buckets endpoint using the read-only authorization token I get the reply:

{
	"links": {
		"self": "/api/v2/buckets?descending=false\u0026limit=20\u0026offset=0\u0026orgID=60004cfffb06fbde"
	},
	"buckets": [
		{
			"id": "ae411a5dd1aa8427",
			"orgID": "60004cfffb06fbde",
			"type": "user",
			"schemaType": "implicit",
			"name": "read-only-test",
			"retentionRules": [],
			"storageType": "tsm",
			"createdAt": "2023-03-20T18:26:03.151792585Z",
			"updatedAt": "2023-03-20T18:26:03.151792785Z",
			"links": {
				"labels": "/api/v2/buckets/ae411a5dd1aa8427/labels",
				"members": "/api/v2/buckets/ae411a5dd1aa8427/members",
				"org": "/api/v2/orgs/60004cfffb06fbde",
				"owners": "/api/v2/buckets/ae411a5dd1aa8427/owners",
				"self": "/api/v2/buckets/ae411a5dd1aa8427",
				"write": "/api/v2/write?org=60004cfffb06fbde\u0026bucket=ae411a5dd1aa8427"
			},
			"labels": []
		}
	]
}

which is the same as get from a bucket with a read-write authorization token:

{
	"links": {
		"self": "/api/v2/buckets?descending=false\u0026limit=20\u0026offset=0\u0026orgID=60004cfffb06fbde"
	},
	"buckets": [
		{
			"id": "f9a57e3fdbb82e03",
			"orgID": "60004cfffb06fbde",
			"type": "user",
			"schemaType": "implicit",
			"name": "read-write-bucket",
			"retentionRules": [],
			"storageType": "tsm",
			"createdAt": "2023-03-20T19:41:35.909674051Z",
			"updatedAt": "2023-03-20T19:41:35.909674151Z",
			"links": {
				"labels": "/api/v2/buckets/f9a57e3fdbb82e03/labels",
				"members": "/api/v2/buckets/f9a57e3fdbb82e03/members",
				"org": "/api/v2/orgs/60004cfffb06fbde",
				"owners": "/api/v2/buckets/f9a57e3fdbb82e03/owners",
				"self": "/api/v2/buckets/f9a57e3fdbb82e03",
				"write": "/api/v2/write?org=60004cfffb06fbde\u0026bucket=f9a57e3fdbb82e03"
			},
			"labels": []
		}
	]
}

I did the same with the authorization end points and don’t see anything there either:

{
	"links": {
		"self": "/api/v2/authorizations"
	},
	"authorizations": []
}

Am I missing something else that I should be doing? Thanks for all your help.