How to set roles/permissions properly for a channel admin user?

I’m getting 403 Forbidden API responses after creating and a user and making him the channel admin, all through APIs.

Steps to reproduce
Through API I create a normal user, create a team, create a channel, assign the “channel_admin” role to that channel and user. Then I proceed to login as that user to find that there’re permission issues for API calls on the client, like in the image:

Expected behavior
As a “channel_admin” being not Forbidden on those API calls

Observed behavior

Hi thepra,

you did not mention that you added this user to the team, so just to make sure: Did you do that and if so, did you already add this user as a member on this channel and can you verify (in the GUI) that this is the case?

Yeah, I did’t mention that after creating the team I added that user to that team. And that user is in the channel from what I can see from the client. Now I’m wondering, could it be that I should give two roles? Like “channel_user channel_admin”?

Yep, as I thought “channel_admin” alone doesn’t inherit the “channel_user” permissions automatically, so they both need to be specified!

Yes, that’s correct. Roles are cumulative and not inherting each other, so the admin permission is to be set on top of the user permission, like for the system_user and system_admin permission.