Creating a custom script

Built-in code editors give you a chance to build any integration you require. Possibilities are endless - your limit is your imagination. There are a couple of things to keep in mind when creating a task. 1. Permissions

To maintain the highest level of security, the app requests only very basic permissions when installed. However, when creating a task, some additional permissions might be required. For example, you might need the write_orders permission to add a tag to an order. The app automatically detects the required permissions when the task code is compiled. However, you need to assist the compiler a bit. When defining REST/GraphQL requests do it at very top of the script:

{%- comment -%}Start REST and GraphQL definitions{%- endcomment -%}
{% capture mutation %}
  mutation tagsAdd($id: ID!, $tags: [String!]!) {
    tagsAdd(id: $id, tags: $tags) {
      node {
        id
      }
      userErrors {
        field
        message
      }
    }
  }
{% endcapture %}

Next, you can use dummy input to tell compiler what variables it should expect.

{%- comment -%} Feed compiler with dummy values to evaluate permissions required.{%- endcomment -%}
{% if mode.compiler %}
  {% json dummy_mutation_variables %}
    {
      "id": "gid://shopify/Order/123456",
      "tags": "test"
    }
  {% endjson %}
  {% assign result = mutation | graphql: dummy_mutation_variables %}
{% endif %}
{%- comment -%}END REST and GraphQL definitions{%- endcomment -%}

Above code snippet won't be executed when your task actually runs. It is because it is wrapped in if condition. mode.compiler is set to true only when creating/editing task.

After adding the above code, the compiler knows what to expect from your task and can easily evaluate the permissions it needs to run. You can now save it and return to the app dashboard. You will be prompted to update app permissions.

Here is how you would tell compiler about any REST request: