I have implemented saving a player's profile photo to their Files. I am trying to use GetFiles
PlayFabDataAPI.GetFiles
to download the profile photos by other players, but get the Not Authorized message (/File/GetFiles: NotAuthorized) I assume this is because players cannot access the files of other players. I have updated the global policy:
{ "Action": "Read", "Effect": "Allow", "Resource": "pfrn:data--*!*/Profile/Files/*", "Principal": "*", "Comment": "Anyone can see files", "Condition": null },
But that hasn't helped. Is there a way to authorize this so that players can see the profile images of their friends or other players?
Or are there any examples of how to do this?
I am using Unity.
I also implement the Entity Policy to enable the read permission of Files, and it works fine for me. How do you define the request of GetFiles API? Is the Title Player Account Entity of target player defined in the request?
In addition, Please also review the Policy content and make sure there is no other files related entries that may interfere the one you have posted.
My policy is below, and it is the same as yours.
{ "Action": "Read", "Effect": "Allow", "Resource":"pfrn:data--*!*/Profile/Files/*", "Principal": "*", "Comment": "see files", "Condition": null },
Thanks for the reply. I checked the policy and it doesn't have any other files related entries. Just default + files entry
I am storing the files in the master account, not title files.
void LoadFileMetadataForUser(string userID) { var request = new PlayFab.DataModels.GetFilesRequest { Entity = new PlayFab.DataModels.EntityKey { Id = userID, Type = "master_player_account" } }; PlayFabDataAPI.GetFiles(request, OnGetFileMeta, OnSharedFailure); } void OnGetFileMeta(PlayFab.DataModels.GetFilesResponse result) { foreach (var eachFilePair in result.Metadata) { if( eachFilePair.Key == "profile.jpg") GetActualFile(eachFilePair.Value); } } void GetActualFile(PlayFab.DataModels.GetFileMetadata fileData) { PlayFabHttp.SimpleGetCall(fileData.DownloadUrl, result => { Debug.Log("profile image download success"); }, // Finish Each SimpleGetCall error => { Debug.Log(error); } ); }
I may need more tests on Files in master player account. It is more common to store Entity Files in Title Player Account. Usually many actions from players, which apply to another master player account will be denied, but there is no document mentions. I will dig into later and I suggest using title player account because it simply works.
I had tried in the title player account too but got the same not authorized message.
2 People are following this question.