Please read my thread
Observe the video
This is the model of thread:
class Thread extends Equatable {
/// {@macro report_thread}
const Thread({
required this.id,
required this.parentRef,
required this.message,
required this.createdAt,
required this.attachIds,
required this.parentType,
this.author,
this.hasChild = false,
this.isChild = false,
});
/// From Json
factory Thread.fromJson(Map<String, dynamic> json) {
return Thread(
id: json[r'$id'] as String,
parentRef: json['parentRef'] as String,
author: json['author'] != null
? User.fromJson(
json['author'] as Map<String, dynamic>,
)
: null,
createdAt: DateTime.parse(json[r'$createdAt'] as String).toLocal(),
message: json['message'] as String,
hasChild: json['hasChild'] as bool,
isChild: json['isChild'] as bool,
parentType: ThreadParentType.fromString(
json['parentType'] as String,
),
attachIds: (json['attachIds'] as List)
.map(
(item) => item as String,
)
.toList(),
);
}
/// ID of Report Thread
final String id;
/// Report ID reference
final String parentRef;
/// Author of Report Thread
final User? author;
/// Attachments of Report Thread
final List<String> attachIds;
/// Message of Report Thread
final String message;
/// Created At of Report Thread
final DateTime createdAt;
/// Indicate what type of parent this thread is
final ThreadParentType parentType;
/// Indicate that this thread is child or not
final bool isChild;
/// Indicate that this thread has child or not.
final bool hasChild;
As you can see the User
property is a nullable data type, it because the author can be null because this user might not have the permission to read the user that associate with this thread.
However, when there is a new event of realtime it bypass the permission. He can see the Author. Because the Realtime event itself it provides the Author in payload. It seems there is no guard or middleware on the realtime
The Muslimin Ontong, is provided by Realtime Event, not from fetching documents.
When I fetch documents, it gets my expectation. The User author
will be null since that user does not have the permission. I hope you guys understand what is the goal of this problem
If you are curios, how does Administrator generate? THen this is the flow
Recommended threads
- Getting payload is too large response fr...
I'm encountering a 412 "Payload Too Large" error while trying to upload a 100MB file via Appwrite function to an external storage service api. Could you suggest...
- I do SSR auth. What's the best way to se...
I am currently handling authentication entirely server-side via an `/api/auth` endpoint, so I don't have any Appwrite client instances running client-side. Ho...
- Network Error on upload
am trying to upload files but am gettin ` Error uploading image [AppwriteException: Network request failed]` ```ts export const uploadDriver = async (file: Ima...