# 🔐 AppWrite Permissions Fix Guide

## Current Issue ❌
**Error**: "401 Unauthorized - The current user is not authorized to perform the requested action"

**Cause**: Your AppWrite collections have incorrect permissions. Users cannot access their own data.

## Quick Fix Steps ✅

### Step 1: Access AppWrite Console
1. Go to: https://appwrite.webklar.com
2. Login with your credentials
3. Select project: `6963df38003b96dab5aa`
4. Go to: Databases → `amazon-extension-db`

### Step 2: Fix Permissions for Each Collection

**For EACH of these 5 collections**:
- `amazon-ext-enhanced-items`
- `amazon-ext-saved-products`
- `amazon_ext_blacklist`
- `amazon-ext-enhanced-settings`
- `amazon-ext-migration-status`

**Do this**:
1. **Click on the collection name**
2. **Click "Settings" tab** (not "Attributes")
3. **Scroll down to "Permissions" section**
4. **Set these exact permissions**:

   **Create Permission**:
   - Click "Add a permission"
   - Select: `users` (any authenticated user can create)
   - Click "Add"

   **Read Permission**:
   - Click "Add a permission" 
   - Select: `user:$userId` (users can only read their own data)
   - Click "Add"

   **Update Permission**:
   - Click "Add a permission"
   - Select: `user:$userId` (users can only update their own data)
   - Click "Add"

   **Delete Permission**:
   - Click "Add a permission"
   - Select: `user:$userId` (users can only delete their own data)
   - Click "Add"

5. **Click "Update" to save**

### Step 3: Verify Fix
1. **Reload your extension** in Chrome
2. **Go to Amazon** (amazon.de/s?k=smartphone)
3. **Check console** - should see no more 401 errors
4. **Test Enhanced Items** - should work without permission errors

## What These Permissions Mean 📋

- **`users`**: Any authenticated (logged-in) user
- **`user:$userId`**: Only the user whose ID matches the document's `userId` field

This ensures **data isolation** - each user can only see and modify their own data!

## Expected Result ✅

After fixing permissions, you should see:
```
✅ AppWrite connection successful
✅ Collections accessible with correct permissions
✅ Real-time sync working
✅ No more 401 Unauthorized errors
✅ Users can only access their own data
```

## Alternative: Temporary Testing Fix 🧪

If you want to test quickly, you can temporarily set ALL permissions to `users`:
- Create: `users`
- Read: `users` 
- Update: `users`
- Delete: `users`

**⚠️ WARNING**: This allows all users to see all data! Only use for testing, then change back to `user:$userId` for production.

## Troubleshooting 🔧

**Still getting 401 errors?**
1. Make sure you're logged in to the extension
2. Check that all 5 collections have the correct permissions
3. Try logging out and back in to the extension
4. Clear browser cache and reload extension

**Can't find permissions section?**
1. Make sure you're in the "Settings" tab (not "Attributes")
2. Scroll down - permissions are at the bottom
3. You need admin access to the AppWrite project

**Permission options not showing?**
1. Make sure you have the correct AppWrite version
2. Check that you have admin rights to the project
3. Try refreshing the AppWrite console page