Create Documents that should be visible to only users that created them
- 1
- Databases
- Flutter
- Cloud
Hello folks! In my flutter app, I want to allow users to only be able to read/update/delete the documents that they themselves created. I've already created an email session and stored the userId in my localstorage using shared preferences. I'm trying to assign permissions while the user is creating documemts by doing this:
taskList.forEach((task) {
AppwriteService.database.createDocument(
databaseId: Strings.databaseId,
collectionId: Strings.collectionId,
documentId: ID.unique(),
data: task.toJson(),
permissions: [
Permission.read(Role.user(Constants.userId)),
Permission.delete(Role.user(Constants.userId)),
Permission.update(Role.user(Constants.userId)),
],
).then((value) {
if (value.data.isNotEmpty) {
print('Success');
}
});
});
But I'm getting an error saying "AppwriteException (AppwriteException: user_unauthorized, The current user is not authorized to perform the requested action. (401))". What exactly am I doing wrong? Also, should I be doing it this way (the taskList I am iterating through is a list of all tasks I want to store for that specific user).
I'm using Appwrite cloud, not local
What permissions did you set on the collection?
Umm I need to set permissions on the collection?
Yes, by default, no users have access to create documents
Oh! Okay I updated my collection permissions and have allowed everything. I'll try again. But I'm curious as to why collections have no default permissions. I mean wouldn't it make more sense to keep a create and update permission by default?
No because what if you really don't want anyone to be able to create anything?
And we'd rather have secure/no access by default rather than have users accidentally expose their collections
what's the db structure like?
Does each user have a collection for them? Or does each user have a document in the collection?
Also, have you enabled document security on the collection?
I initially was going to do a separate collection for each user, but after a discussion in <#564160731327758347> I learned that Appwrite has permissions through which I can achieve the same result I want. Essentially I want a user to be able to view/update/delete only the tasks they've created. I'm actually a newb at designing backends/dbs so I would appreciate any input on which approach to take: Whether to create new collection for each user or use document permissions.
Yes
In general, I recommend starting with a collection per data type. Then, you can break things out into separate collections as needed
Alright, thanks! I'll update on what happens with the permissions as well!
Recommended threads
- Need Help with Google OAuth2 in Expo usi...
I'm learning React Native with Expo and trying to set up Google OAuth2 with Appwrite. I couldn't find any good docs or tutorials for this and my own attempt did...
- Got message for auto payment of 15usd fo...
how did this happen? 1. i claimed my 50usd credits via jsm hackathon - https://hackathon.jsmastery.pro/ 2. it asked me which org. to apply the credits on, i se...
- Apple OAuth Scopes
Hi Hi, I've configured sign in with apple and this is the response i'm getting from apple once i've signed in. I cant find anywhere I set scopes. I remember se...