Get started
We are having lots of fun on Discord. Come and join us!
Star on GitHub 43.9K Get started
Back

Collection where Users have 'Read' Permission Won't stream Realtime Events to Authenticated Users.

  • 0
  • Auth
  • Web
  • Realtime
  • Cloud
View on Discord
deusMarte
24 Oct, 2024, 01:05

I set up a Realtime subscription to an Appwrite collection with the following permissions:

TypeScript
any:  [create: F][read: T][update: F][delete: F]
user: [create: T][read: F][update: F][delete: F]

The subscription worked as expected, and the Realtime connection got a response whenever a document was created, updated, or deleted in the collection.

However, then I updated the permissions, so only users could read documents in the collection:

TypeScript
user: [create: T][read: T][update: F][delete: F]

After that, no CRUD change in the collection triggers a Realtime event, despite being authenticated as a user.

I confirmed that my client is properly authenticated when setting up the Realtime subscription by testing the ability to fetch documents using databases.listDocuments() with databases instantiated by the same client that subscribes to my collection's channel with Realtime, successfully.

Document-level security is enabled in both scenarios (with the same settings). My client and server code is also exactly the same in both cases (and it's designed to unsubscribe from Realtime and subscribe with a new client instance whenever there is a change in authentication state). The only thing that changed was the collection’s read permission from any to user.

I also tried subscribing to more generic Realtime channels such as documents to receive any changes across the board. Even then, I didn’t receive any events when the permission was set to user.

Expected Behavior: When the read permission for the collection is set to user and I am logged in as an authenticated user, I should still receive Realtime events for create, update, and delete actions (just as I do when the read permission is set to any).

Request for Support: Is there something I'm missing, or is this a potential bug in Appwrite's Realtime handling when user permissions are involved?

Any insights or suggestions would be appreciated.

Thank you for reading!

TL;DR
Developers are not receiving Realtime events after changing collection read permissions to only allow users to read, despite being authenticated. They confirmed proper client authentication. No CRUD changes trigger Realtime events. They tried subscribing to generic channels without success. They suspect a bug in Appwrite's Realtime handling with user permissions.
Steven
24 Oct, 2024, 01:20

Can you check the network logs from the browser dev tools? Switch to the web socket tab and look for the connection when you call subscribe. The web socket should start and there should be a few messages. One of the messages should be an auth one and then after that, the user. Do you see that?

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more