Backendless Support
 

Updating a user account using User Service API

The use-case for updating a user account is rather frequent. Either the user herself or the admin may need to update user properties. Backendless provides the API for updating user accounts, although app admins/developers can do it using Backendless console as well.

The code below demonstrates the API for updating a user.

Synchronous API (Plain Java only):
System.out.println( "[SYNC] Updating user object." );
BackendlessUser user = Backendless.UserService.login( "spiderman@backendless.com", "greeng0blin" );
user.setProperty( "name", "Spidey Man" );
user = Backendless.UserService.update( user );
System.out.println( "User has been updated" );
System.out.println( "Name - " + user.getProperty( "name" ) );
Asynchronous API (Plain Java and Android):
System.out.println( "[ASYNC] Updating user object." );
Backendless.UserService.login( "spiderman@backendless.com", "greeng0blin", new AsyncCallback<BackendlessUser>()
{
 @Override
 public void handleResponse( BackendlessUser backendlessUser )
 {
 backendlessUser.setProperty( "phone", "212-555-1212" );
 Backendless.UserService.update( backendlessUser, new AsyncCallback<BackendlessUser>()
 {
 @Override
 public void handleResponse( BackendlessUser backendlessUser )
 {
 System.out.println( "User has been updated" );
 System.out.println( "Phone number - " + backendlessUser.getProperty( "phone" ) );
 }
 @Override
 public void handleFault( BackendlessFault backendlessFault )
 {
 }
 } );
 }
 @Override
 public void handleFault( BackendlessFault backendlessFault )
 {
 }
});
NOTICE: the code logs in the user first. If the user is logged in, the user update operation is handled with the same security rules as updating any other data object by its owner (this will be reviewed in detail in a future post).

It is possible to update a user object without logging in as that user. Consider the following example.

Synchronous API (Plain Java):
System.out.println( "[SYNC] Updating user object without login." );
BackendlessUser user = new BackendlessUser();
user.setProperty( "objectId", "8F70A260-A415-DECC-FF1F-0B70FF98BD00" );
user.setProperty( "age", 32 );
user = Backendless.UserService.update( user );
System.out.println( "User has been updated" );
System.out.println( "Age - " + user.getProperty( "age" ) );
Asynchronous API (Plain Java and Android):
System.out.println( "[ASYNC] Updating user object without login." );
BackendlessUser user = new BackendlessUser();
user.setProperty( "objectId", "8F70A260-A415-DECC-FF1F-0B70FF98BD00" );
user.setProperty( "age", 32 );
Backendless.UserService.update( user, new AsyncCallback<BackendlessUser>()
{
 @Override
 public void handleResponse( BackendlessUser backendlessUser )
 {
 System.out.println( "User has been updated" );
 System.out.println( "Age - " + backendlessUser.getProperty( "age" ) );
 }
 @Override
 public void handleFault( BackendlessFault backendlessFault )
 {
 }
} );

The approach shown above requires knowing objectId of the user object. This operation can be easily restricted only for the specific users/roles using Backendless console:

  1. Login to Backendless console, select an app and click the Data icon.
  2. The Users table is selected by default. Click the Table Schema and Permissions button in the upper right corner.
  3. Click Role Permissions to grant the permission to update other user objects to a role.
  4. In the sample app the assumed developer obtains the Administrator role. The screenshot below shows that the Administrator granted a permission to update user accounts to that role and denied it to all others:

Is article helpful?