Found this content helpful? Log in or sign up to leave a like!

Best way to check if user is authorized to create conversation for a recipient

SpencerWilliams
Community Participant
‎10-17-2023 03:44 PM

What is the best way to check if a user is authorized to create a conversation via the Canvas API for a specific recipient user? 

I am seeing odd behavior using this API endpoint: 

https://canvas.instructure.com/doc/api/conversations.html#method.conversations.create

The sender is the recipient's teacher. I am getting this response back from the HTTP POST request:
{ "attribute": "recipients", "message": "invalid" }

I looked over the source code, and it seems to indicate that the sender does not have permission to send messages to the recipient. 

Source code references:

https://github.com/instructure/canvas-lms/blob/master/app/controllers/conversations_controller.rb#L4...
https://github.com/instructure/canvas-lms/blob/master/app/helpers/conversations_helper.rb#L128
 
I am hoping there is some sort of Canvas API that I can query to check if a user has permission to create a conversation for another user. I am not able to easily find such an API. If there is no API for this, what would be the best way to determine whether a user should have permissions?
0 Likes