Restrict Oauth

Then go woth either the first option to limit the user number. This will let you create the user using a Server side SDK. But no user will be able to create account

TL;DR

Solution: To restrict OAuth access, there are a few options: 1. Remove the user from the permissions. 2. Move the document fetching process to a function. 3. Create a role for each user and move the creation process to a function. When a user is removed, remove their role and permissions. To restrict access to only certain users in a team, you can use a condition like `user == user && team == "special access"`. However, this will still allow any team member to read the documents. To mitigate this, you can move the creation process to a function and only give access to team members. This way

Or you can go with a verified user teams logic

Check this thread https://discord.com/channels/564160730845151244/1119288764792049695/1119288764792049695 about the verified logic

also i wonder how do i send custom emails using appwrite functions?

thanks i will check this

You'll need to use an external SMTP service. There is no way of using Appwrite mailer for custom emails at the time

so i need to use libraries like node mailer or something with smtp

Exactly

i have another question... currently i have a team called special members i add. them to the team after being verified and they can start creating the documents

Okay?

when i remove the user from the special access. the user is still able to read this document

How did you removed the user special access

i dont want the user to access the data unless hes given the special access

removing from the team

Okay. And what is the document and collection permission?

As if the user is creating a document using the Client side SDK then the user will get reading permission for the user id. And not only because the user is in a specific team.

Document Security is turned on

So in your case after removing a user from a team you need to make sure to remove permissions from every document created by the user.

what if the documents are more?

cant we somehow restrict them

If you want to mitigate this You can move the creation process to a function and then give only the team members access.

If you do this then any time you'll remove a user from a team the reading access will also get block

but anyone in the team can read the documents

This what you wanted, don't you?

i want it something like user == user && team == "special access"

if one of them is false then the access should be restriced

Ohh, then you'll need to go with:

Removing user from the permissions. Or
Move the whole document fetching to a function. Or
Create a role - per user - move the creation to a function. Then when the user is removed remove the user from the team and remove is role.

Reply to this thread by joining our Discord

Reply on Discord

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more

Recommended threads

Need support?

Join our Discord

Get premium support