Collection where Users have 'Read' Permission Won't stream Realtime Events to Authenticated Users.
- 0
- Auth
- Web
- Realtime
- Cloud
I set up a Realtime subscription to an Appwrite collection with the following permissions:
any: [create: F][read: T][update: F][delete: F]
user: [create: T][read: F][update: F][delete: F]
The subscription worked as expected, and the Realtime connection got a response whenever a document was created, updated, or deleted in the collection.
However, then I updated the permissions, so only users could read documents in the collection:
user: [create: T][read: T][update: F][delete: F]
After that, no CRUD change in the collection triggers a Realtime event, despite being authenticated as a user.
I confirmed that my client is properly authenticated when setting up the Realtime subscription by testing the ability to fetch documents using databases.listDocuments()
with databases
instantiated by the same client that subscribes to my collection's channel with Realtime, successfully.
Document-level security is enabled in both scenarios (with the same settings). My client and server code is also exactly the same in both cases (and it's designed to unsubscribe from Realtime and subscribe with a new client instance whenever there is a change in authentication state). The only thing that changed was the collection’s read permission from any
to user
.
I also tried subscribing to more generic Realtime channels such as documents
to receive any changes across the board. Even then, I didn’t receive any events when the permission was set to user.
Expected Behavior: When the read permission for the collection is set to user and I am logged in as an authenticated user, I should still receive Realtime events for create, update, and delete actions (just as I do when the read permission is set to any).
Request for Support: Is there something I'm missing, or is this a potential bug in Appwrite's Realtime handling when user permissions are involved?
Any insights or suggestions would be appreciated.
Thank you for reading!
Can you check the network logs from the browser dev tools? Switch to the web socket tab and look for the connection when you call subscribe. The web socket should start and there should be a few messages. One of the messages should be an auth one and then after that, the user. Do you see that?
Recommended threads
- 2FA Verification Freeze Issue
I attempted to set up 2FA for my account and received the OTP for verification, but the process gets stuck with a `realtime got disconnected` error, causing the...
- Entrypoint function
Hi I am wokring on deployment of project what details we need to fill in entrypoint. https://github.com/reactjsdevelopment/appwrite-demo
- I successfully obtained the user ID, but...
while try below this String userId = (await appwriteService.createPhoneSession(id, phoneNumber)).userId; I successfully obtained the user ID, b...