
Please help with this code. I'm trying to get data by permission but it doesn't work ?
Nextjs + node-appwrite.
export async function GET() {
try {
setToken();
const userId = headers().get("x-user-id")!;
const boards = await appwriteSDK.databases.listDocuments(
DB.id,
DB.collections.BOARDS_ID,
[
Permission.read(Role.user(userId))
]
);
return NextResponse.json(boards);
} catch (error) {
return NextResponse.json({ error });
}
}
export async function POST(request: NextRequest) {
try {
setToken();
const board = await request.json();
const userId = headers().get("x-user-id")!;
const saved = appwriteSDK.databases.createDocument(
DB.id,
DB.collections.BOARDS_ID,
ID.unique(),
board,
[
Permission.read(Role.user(userId))
]
);
return NextResponse.json({ saved });
} catch (error) {
return NextResponse.json({ error });
}
}

hi @Мухаммадамин Server SDK is for server needs, and it by passes the permissions, so you should only use it in secure environment. and don't expose it to direct users.

you can use client sdk for web for your project

@kamal.panara Hi, thank you for the message. However I faced CORS issue with PATCH method in appwrite
on client-side and I couldn't solve it at all, there was no other way to solve the issue.

Did you created post for that issue here on support channel?


In my code, the create function (post method) is working well but GET is not getting the documents.
I don't understand how to use permissions when fetching the documents ? (now, this is the main issue)

Okay got it

You can learn more about using permissions here https://appwrite.io/docs/products/databases/permissions
Recommended threads
- Is it possible to getRow with all relati...
With the new Opt-In relationship loading, is it possible to query getRow to get all attributes and relationships and possibly even cascading relationships? I tr...
- TableDB.getRow() response does not conta...
This is for Web/React sdk 20.0.0 The row was created via `TableDB.createRow(...)` and I can see it in the console with the relationships correctly set. In the c...
- Permissions for bulk operation
Hi team, I have a question: “In the databases.createDocuments bulk API, can I set document-level permissions? If yes, how exactly should I include the permissio...
