[CLOSED] Comparing User ID in Authorization with Document Owner in PHP Server Function
I'm currently working on a PHP server function that involves deleting a document and setting permissions. I want to compare the user ID from the authorization with the owner of the document. If they match, the user should have permission to delete the document. What is the correct way to compare them?
Hi, here is me thinking out loud:
You want to compare the logged-in user's ID with the document's owner. To do that, you first need the logged-in user's ID.
Assuming the frontend sends a request to your PHP server function with the JWT (Token after user logs in):
Use JWT to make a request to get user's details
Assuming you have the documentID, you can fetch the document using https://appwrite.io/docs/server/databases?sdk=php-default#databasesGetDocument
if you do not have ID, ammm, first of all, make some criteria to know the documentID and or use listDocuments https://appwrite.io/docs/server/databases?sdk=php-default#databasesListDocuments and maybe you can loop. The more specific your criteria, the fewer documents you'll likely have to loop through
Finally, compare the user ID from the authorization with the document's owner. If they match, delete the document something like:
if ($document['$owner'] == $userId) {
// Delete the document
$database->deleteDocument('YOUR_COLLECTION_ID', $documentId);
echo "Document deleted";
} else {
echo "You are not the owner, cannot delete.";
}```
I was thinking about another way, to use the function getUser and after you get the userId than compare with the owner of the document? Can this solution be correct also?
sure, as mentioned above, you would need documentID for that
Okay, thank you
[CLOSED] Comparing User ID in Authorization with Document Owner in PHP Server Function
Thanks, it works
awesomeeeee
glad to know
