[SOLVED] Let function make sdk calls as user

Hi there, I've read somewhere that functions can make, for example, database calls but with the given users permissions. I cannot find the docs or code examples of it, where I read that. Where I dreaming about this stuff or can you help me out with the docs or some code example of how to do it? 😄

Thanks in advance!!

Function in Appwrite runs in an isolated enviroment, which means that don't have access to session and other goodies.

In order to connect to Appwrite using function you'll need to create an API key and access the API with that key.

So, in your case you'll need to check variable APPWRITE_FUNCTION_USER_ID to get the current user id, then get that user by ID using the Users Server SDK.

For example, if your function is writtin in Node

 const userId = req.variables.APPWRITE_FUNCTION_USER_ID ?? '';
 const user = await users.get(userId);
 // Use this User object       

Hey @Binyamin thank you for your answer! Mhh I think I haven't described my problem correctly. I want the function to 'mimic' like a user. So when I call something like this in the function: database.listDocuments(DOCUMENT_ID, COLLECTION_ID); It should only list the documents the APPWRITE_FUNCTION_USER_ID has read permissions to.

Got you

The listDocuments function can get all user by function either by session or by JWT token. And for now the only way to get the a JWT token for a given user is by running the createJWT() in the client side https://appwrite.io/docs/client/account?sdk=web-default#accountCreateJWT

The generated JWT is valid for 15 minutes.

With this in mind the quick workaround would be just to generate and send the JWT when execution a function from a client side.

But, if this is irelvant then it seems like you'll need to add another (maybe array of strings) field into the docuement that will include the users allowed IDs

Yes, perfect this is what I was looking for! 🙂

👍

Also, you can upvote https://github.com/appwrite/appwrite/issues/5169 for letting query by permission with the listDcoument() function

Done that <:appwriterocket:823996226894692403>

Thank you for your help!<:appwritecheers:892495536823861258>

[SOLVED] Let function make sdk calls as user

Just realizing I cannot really write a test for this usecase.. Or can I create a JWT token in node.js server side? @Binyamin

For now this could be your quickest solution

Mhhh

You can upvote this issue https://github.com/appwrite/appwrite/issues/3891

This will give you the other missing part to be able to be the user in Server side

Yeah that would be great!

Hi @Binyamin i have to come back here again for some more investigation into this... I found that there is a APPWRITE_FUNCTION_JWT which is given to the function automatically the same way APPWRITE_FUNCTION_USER_ID is given automatically to the function correct?

Cool, Never realized that before. Then yes

So I could simply create the client like this with the jwt token

client
    .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint
    .setProject('5df5acd0d48c2') // Your project ID
    .setJWT(req.variables['APPWRITE_FUNCTION_JWT']) // Your secret JSON Web Token
;```

Nice 😄

Yes