Hi,

If your app was installed with certain scopes, and then the scope changed at some point, the client will need to once again grant permissions to the app in order for you to make the changes that you're looking for.

Thanks for the reply. But how would the scope change at some point (on its own)? I had been testing on my demo apps and everything was working fine and still is, but for that certain installation this got screwed up. I never changed any scopes or anything/code in my app. Please help me understand the issue. And is reinstallation the only choice left?

write_XYZ is a superset of read_XYZ. You don't need to include both in your request. Also if your clients are on lower end plans they don't get access to all the features of Shopify, such as being able to edit themes.

Thanks for the reply. One doubt still remains - how can my demo/test shop get access to all these modification while the client shop has not these things enabled? Also I can see my client to be on some custom theme which in a way would be editable. I should be able to modify/push liquids to the admin panel? I am totally stuck with this. 

Make a get request to /admin/shop.json where you can determine what kind of plan the Shop is on. If they are on a starter plan, you won't be able to make modifications to their themes.

I am sorry but the plan does not seem to be a starter one. 

here are couple of parameters I got from the Shop.

"plan_display_name"=>"professional",
"plan_name"=>"professional",
"google_apps_login_enabled"=>true,
"money_in_emails_format"=>"${{amount}}",
"money_with_currency_in_emails_format"=>"${{amount}} USD",
"eligible_for_payments"=>true,
"requires_extra_payments_agreement"=>false,
"password_enabled"=>false,
"has_storefront"=>true},

Can you please check this? I assume the shop is not on a starter plan. Thanks

Looking at the api permissions for your clients there isn't anything that should be preventing this from working. Are you sure that you are hitting the right endpoint correctly? What does the serialized JSON look like before the request is sent?

Hi Chris,

The installation, which I assumed to be successful as there were no errors, but eventually the changes were not made on the client side. I am making calls through my rails console using the token which I somehow received successfully. Here is the series of calls that I am making.

session = ShopifyAPI::Session.new("clientshop.myshopify.com", "authtoken")
ShopifyAPI::Base.activate_session(session)

output: {"User-Agent"=>"ShopifyAPI/3.2.1 ActiveResource/4.0.0 Ruby/1.9.3",
          "X-Shopify-Access-Token"=>"authtoken"}

theme = ShopifyAPI::Theme.first
widgetsliquid = ShopifyAPI::Asset.new(:key => "snippets/widgetsliquid.liquid", :theme_id => "#{theme.id}") 
widgetsliquid.attach(File.read(File.join(Rails.root, 'lib/assets/shopify', 'widgetsliquid.liquid'))) 
widgetsliquid.save 

output: ActiveResource::UnauthorizedAccess: Failed.  Response code = 401.  Response message = Unauthorized.
from /home/deploy/shopify_app/production/shared/bundle/ruby/1.9.1/gems/activeresource-4.0.0/lib/active_resource/connection.rb:140:in `handle_response'

The scopes remains the same as what I have mentioned in the question above. They were never changed and still are the same. And I have been testing on demo apps and everything is working fine. I am not sure what went wrong here in this case. 

I had a similar problem today too. A Shop with a valid token was used to activate a session, yet trying to do anything raised 401 Authentication errors. The scopes were clearly defined and work for all the other stores in the App DB, and since this shop was newly installed as compared to the many previously installed, seeing it exhibit that behaviour, perhaps there is a strange regression at work?