Skip to content
Announcing the Appwrite X MongoDB partnership
Start building
Back

Relationships and permission.

  • 0
  • Databases
View on Discord
Capone
9 Feb, 2024, 14:55

I have a database that has collections of userData and lists. A user is in a one to many relationship with lists. I want to know if its possible for any user to access the lists documents without being able to access the userData document that it is related to.

I have given the lists document permissions of any:read, and the userData can only be read by the user it belongs to. Is this possible?

TL;DR
Developers are trying to allow users to access certain documents without being able to access related documents. The issue is that once permissions are added back to the userData document, the user receives an error message saying they are not authorized. The desired outcome is to have users able to access lists documents while restricting access to the userData document it is related to. A solution could be to enable document security and implement a function that applies read-only permissions for the user.
Capone
9 Feb, 2024, 15:10

Just to update - I removed all permissions for the userData document and requested the list document. This returned the document fine with the ownerData attribute as null. This is what I want. However, once I add the perms back to the userData document so it can be read by the user, it returns - 'The current user is not authorized to perform the requested action.'

Ireneus
9 Feb, 2024, 15:15

i think you need document security enabled and a function to apply read only permissions for the user

Ireneus
9 Feb, 2024, 15:15

on that document

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more