在尝试添加优惠券时，Magento API会拒绝访问

Question

I am using the SOAP API for Magento (v1.5.1.0) and have managed to get the entire process of creating a cart, adding user, adding billing/shipping addresses, payment methods, etc. working, however I cannot get Coupons to work.

The code I'm using is as follows:

    if ($couponCode != '') {
        try {
            $result = $this->magentoservice->shoppingCartCouponAdd($sessionId, $cartId, $couponCode);                
        } catch (Exception $err) {
            return $this->returnError($err->getMessage());
        }
    }

I've tried with both a guest user and a registered user and I keep getting the same exception thrown - "Access denied.". As far as I can see from the limited documentation and forums posts this isn't even an expected error.

$sessionId and $cartId are definately valid. The $couponCode if entered directly on the magento frontend works.

Can anyone advise me how I might be able to solve this?

Answer 1

Thanks to John I got an answer on the magento.stackexchange.com site.

https://magento.stackexchange.com/questions/2729/magento-api-gives-access-denied-when-trying-to-add-a-coupon

The problem was that the api roles did not include access for coupons. However the reason I did not see this was due to it not showing on the backend.

Editing the api_role table directly I was able to set the 4 records for cart coupons to allowed.

Answer 2

To build upon @Hyarion's answer, the problem for me in Magento v1.7 with receiving Access Denied was that the Coupon permissions do not appear in the Admin > System > Web Services > xxx Roles > (select Role) > Role Resources so I could not enable them for my API user.

The fix that worked for me was to run this database query, which should affect 3 records (per role):

update api_rule set api_permission='allow' where role_id=1 -- Replace with your desired role id and resource_id like 'cart/coupon%'