Skip to content
Hacktoberfest Hackathon is live / OCT 1 - OCT 31

Go to hackathon

Start building
Back

Multiple Roles or Types

  • 0
  • Databases
  • Flutter
  • Auth
  • Cloud
View on Discord
Red
18 Jun, 2024, 14:50

Hello!

How do I handle this situation

  • I have 2 client apps one for consumers and one for creators
  • They basically have labels: "consumer" or "creator"
  • There's a collection where content is created
  • The documents in this collection have document security, so basically the creator can perform CRUD on there on content
  • I've added a permission on the content collections which has read permission on "consumer" label, so that all consumers can basically view all creators content.

But let's say a creator decides to login into the consumer app and it gives them the "consumer" label and they log back into the creator app, they'd basically be able to view everyone's content even for other creators, of course they wouldn't be able to do update or delete them, but they'll be able to see other creators content in their editor

How can I solve this?

TL;DR
Two client apps (one for consumers, one for creators) with labels "consumer" or "creator." Content collection has document security - creators can CRUD on their content, consumers can view all creators content. Issue: Creator logging into consumer app gets "consumer" label and can see other creator content in creator app, though can't update/delete. Solution: Add additional security rules to check that user logged in with matching label before viewing content, preventing creators from viewing other creators content.
Red
18 Jun, 2024, 14:59

Multiple Roles or Types

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more