Permission for the Author of the Document
Hi, Is it possible to set permissions for read, update and delete for only the author of the document? Without having to set it during document creation? for example in firebase we can do something like this if request.auth != null && request.auth.uid == resource.data.author_uid;
By default, it gets automatically populated with the current user.
so if a user creates the document, they by default has permission to read update and delete?
Yes we automatically populate permissions with the current user. Try it out and see
Does it include delete too? if so is there any way to remove delete permission from the current user?
No, in that case, you have to manually pass in what permissions you want to set
That said, if they have update permissions, they can update it to add delete π
Oh, So How would i go about making a document only editable?
A user can update their own permission? is there any way to prevent that
you would have to not expose update access and use an appwrite function instead
then id' have to write a lot of functions to just update data...
you could try making a generic function
The permissions got kinda confusing
@VincentGe maybe we should update this to:
Using permissions, you can decide that only user A and user B will have read, update, and delete access to a specific document...
Hmmmm, is that really different?
As a Suggestion it would be better having a permission system like firebase or finer permission control like preventing users from updating set permissions, etc
only to clarify that user A and user B will be able to delete
π€
