Search...
elevate( )
Allows a site visitor to call a function without the required permissions.
Description
Warning: The
elevate()function enables site visitors to call functions without the required permissions. Exercise caution when using this function to prevent security vulnerabilities.
The elevate() function receives a function requiring permissions and returns an instance of the same function that any site visitor can run.
Some functions require specific roles and permissions to run.
Other functions may limit functionality depending on the the visitor's roles and permissions.
Using elevate() bypasses the permissions by elevating the site visitor's permissions to the highest level.
For example, the wix-bookings-backend function confirmBooking() requires Bookings Admin permissions.
Use elevate() to allow any visitor to run confirmBooking().
javascript | Copy Codeconst myElevatedConfirmBooking = elevate(bookings.confirmBooking);
Notes:
- The
elevate()function can only be used in the backend.- Some functions have a
suppressAuthoption for overriding permissions. For these functions, usesuppressAuthinstead ofelevate(). Check your function's reference documentation to see whethersuppressAuthorelevate()is supported.
Syntax
function elevate(sourceFunction: Function): Function
elevate Parameters
NAME
TYPE
DESCRIPTION
sourceFunction
Function
Function of which to create an instance with elevated permissions.
Returns
Specified function with elevated permissions.
Return Type:
Function
Was this helpful?
Elevate permissions for visitors using wix-bookings-backend.confirmBooking
Copy Code
1import { Permissions, webMethod } from 'wix-web-module';2import { bookings } from 'wix-bookings-backend';3import { elevate } from 'wix-auth';45// Sample bookingId value: '001c0674-d7c9-4c77-acb5-b492b427b201'67export const myElevatedConfirmBookingFunction = webMethod(Permissions.Anyone, async (bookingId) =>{89 try {10 const elevatedConfirmBooking = elevate(bookings.confirmBooking);11 const confirmedBookingId = await elevatedConfirmBooking(bookingId);1213 console.log('Success! Confirmed booking:', confirmedBookingId);14 return confirmedBookingId;15 } catch (error) {16 console.error(error);17 // Handle error18 }19});202122/* Returns:23 * "001c0674-d7c9-4c77-acb5-b492b427b201"24 */
Elevate permissions for visitors using wix-crm-backend.getContact
Copy Code
1import { Permissions, webMethod } from 'wix-web-module';2import { contacts } from 'wix-crm-backend';3import * as wixAuth from 'wix-auth';45// Sample contactId value: 'bc0ae72b-3285-485b-b0ad-c32c769a4daf'67export const myElevatedGetContactFunction = webMethod(Permissions.Anyone, async (contactId) => {89 try {10 const elevatedGetContact = wixAuth.elevate(contacts.getContact);11 const myContact = await elevatedGetContact(contactId);1213 const id = myContact._id;14 const firstName = myContact.info.name.first;15 const lastName = myContact.info.name.last;1617 console.log('Success! Got contact:', myContact);18 return myContact;19 } catch (error) {20 console.error(error);21 // Handle error22 }23});2425/* Returns:26 * {27 * "_id": "bc0ae72b-3285-485b-b0ad-c32c769a4daf",28 * "_createdDate": "2021-03-30T13:12:39.650Z",29 * "_updatedDate": "2021-03-30T13:12:39.650Z",30 * "revision": 0,31 * "info": {32 * "name": {33 * "first": "Gene",34 * "last": "Lopez"35 * },36 * "birthdate": "1981-11-02",37 * "company": "Borer and Sons, Attorneys at Law",38 * "jobTitle": "Senior Staff Attorney",39 * "labelKeys": [40 * "custom.white-glove-treatment",41 * "contacts.contacted-me",42 * "custom.new-lead"43 * ],44 * "locale": "en-us",45 * "emails": [46 * {47 * "_id": "5bdcce4a-37c2-46ed-b49c-d562c6e3c4ce",48 * "tag": "HOME",49 * "email": "gene.lopez.at.home@example.com",50 * "primary": true51 * },52 * {53 * "_id": "78e5f398-e148-448d-b490-7c0b7d2ab336",54 * "tag": "WORK",55 * "email": "gene.lopez@example.com",56 * "primary": false57 * }58 * ],59 * "phones": [60 * {61 * "_id": "820e4640-ffe0-4980-a097-62a715e73135",62 * "tag": "MOBILE",63 * "countryCode": "US",64 * "phone": "(722)-138-3099",65 * "primary": true66 * },67 * {68 * "_id": "8506549e-e4f8-42f6-b6fc-9db155b582ef",69 * "tag": "HOME",70 * "countryCode": "US",71 * "phone": "(704)-454-1233",72 * "e164Phone": "+17044541233",73 * "primary": false74 * }75 * ],76 * "addresses": [77 * {78 * "address": {79 * "formatted": "9834 Bollinger Rd\nEl Cajon, WY 97766\nUS",80 * "location": {81 * "latitude": 84.1048,82 * "longitude": -116.883683 * },84 * "city": "El Cajon",85 * "subdivision": "US-WY",86 * "country": "US",87 * "postalCode": "97766",88 * "streetAddress": {89 * "name": "Bollinger Rd",90 * "number": "9834",91 * "apt": ""92 * }93 * },94 * "_id": "8532051f-91f2-42d9-9a97-9f2c39e64f7a",95 * "tag": "HOME"96 * }97 * ],98 * "profilePicture": "https://randomuser.me/api/portraits/men/0.jpg",99 * "extendedFields": {100 * "contacts.displayByLastName": "Lopez Gene",101 * "emailSubscriptions.deliverabilityStatus": "NOT_SET",102 * "emailSubscriptions.subscriptionStatus": "NOT_SET",103 * "custom.event-we-met-at": "LegalBigData",104 * "emailSubscriptions.effectiveEmail": "gene.lopez.at.home@example.com",105 * "contacts.displayByFirstName": "Gene Lopez"106 * }107 * },108 * "lastActivity": {109 * "activityDate": "2021-03-30T13:12:39.649Z",110 * "activityType": "CONTACT_CREATED"111 * },112 * "primaryInfo": {113 * "email": "gene.lopez.at.home@example.com",114 * "phone": "(722)-138-3099"115 * },116 * "source": {117 * "sourceType": "OTHER"118 * }119 * }120 */
Elevate permissions for visitors using wix-pro-gallery-backend.createGallery
Copy Code
1import { Permissions, webMethod } from 'wix-web-module';2import { proGallery } from 'wix-pro-gallery-backend';3import { elevate } from 'wix-auth';45// Sample cloneFromGalleryId value: '10874ccf-5867-4225-9550-3885079bad66'67export const myCreateGalleryFunction = webMethod(Permissions.Anyone, async (cloneFromGalleryId) => {89 try {10 const elevatedCreateGallery = elevate(proGallery.createGallery);11 const newGallery = await elevatedCreateGallery({cloneFromGalleryId});1213 const id = newGallery._id;14 const name = newGallery.name;15 const items = newGallery.items;16 const firstItemTitle = newGallery.items[0].title;1718 console.log('Success! Created a new gallery:', newGallery);19 return newGallery;20 } catch (error) {21 console.error(error);22 // Handle the error23 }24});2526/* Returns:27 * {28 * "gallery": {29 * "_createdDate": "Sun Jul 10 2022 07:23:47,30 * "_id":"d4960668-a1f9-421b-99ed-974b632107c0",31 * "items": [32 * {33 * "_createdDate": Sun Jul 10 2022 07:23:47,34 * "_id": "229265c7-0f61-45ve-b433-791nncadf4c5",35 * "_updatedDate": Sun Jul 10 2022 07:23:47,36 * "description": "This is the first item in my gallery.",37 * "sortOrder": 1657439075188,38 * "title": "Item 1",39 * "type": "IMAGE",40 * "image": {41 * "imageInfo": "wix:image://v1/38939f9568z222d6avc6285c9ac1e9129.jpg/38939f9568z222d6avc6285c9ac1e9129.jpg#originWidth=200&originHeight=199"42 * }43 * },44 * {45 * "_createdDate": Sun Jul 10 2022 07:29:27,46 * "_id": "4507a07b-ab93-4326-a222-6d0bd8da0625",47 * "_updatedDate": Sun Jul 10 2022 07:29:27,48 * "description": "This is the second item in my gallery.",49 * "sortOrder": 1857439076244,50 * "title": "Item 2",51 * "type": "IMAGE",52 * "image": {53 * "imageInfo": "wix:image://v1/25139f9568b74d8aac6286c9ac1e8186.jpg/25139f9568b74d8aac6286c9ac1e8186.jpg#originWidth=4000&originHeight=2667"54 * }55 * }],56 * "name": "My New Gallery",57 * "sortOrder": "1098567432267",58 * "totalItems": 259 * }60 * }61 */