Forum | Appery.io

Catch up wih the Appery.io community on our forum. Here you'll find information on the lastest questions and issues Appery.io developers are discussing.
https://forum.appery.io/

read and write permission only for user who create the record

https://forum.appery.io/viewtopic.php?t=7910

Page 1 of 1

read and write permission only for user who create the record

Posted: Mon Jun 15, 2015 10:58 am
by Giorgio Draghetti

I need to register some user activities on the DB as records.

Am i correct if i say that the ACL object is the only data protection?
It is correct that without any ACL record config any DB user can read any DB records?

The activities that i need to register are personal activities. Only the user who create them has to have access in read and write mode.
If i well understood, for my scope, the ACL object needs to be like this:
{ "*": { "read":false, "write":false }, "xxxxxx" : { "read": true , "write": true } } }
where xxxxxx is the "_id" of the user who create the record.

Now my question is: how do i map the user ID in the name of the object?

I tried this:
Image
but it doesn't work: the resulting acl is this { "*": { "read":false, "write":false }}

Thanks in advance

read and write permission only for user who create the record

Posted: Mon Jun 15, 2015 3:36 pm
by Serhii Kulibaba

Hello Giorgio,

Please add mapping arrow from userID to acl and add JS for this mapping:

return { "*": { "read":false, "write":false }, '"' + value + '"' : { "read": true , "write": true } } };

read and write permission only for user who create the record

Posted: Fri Jun 19, 2015 7:05 am
by Giorgio

Sorry for delay.
Thanks for your answer, was not so obvious for me.
Your code needs a little correction:

codevar s= '{ "*":{"read":false, "write":false}, "'+value+'":{"read": true , "write": true}}';
return JSON.parse(s);/code

All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited