Authentication within timer
I'm developing a timer that needs global access to stored records.
I've read some other forum posts ( http://support.backendless.com/topic/two-questions-about-security-best-practices-on-backendless ) and saw the recommendation to create a "super-user" with the proper permissions and then log-in/log-out this user when the timer is executed.
Is this still the best way to complete this operation, or is there some other way to connect to the tables? The server-side code should already know the app ID and secret key, since those are stored with coderunner and used during execution.
I've also seen examples (https://github.com/Backendless/JS-Code-Runner/blob/master/examples/handlers/custom/average-stars.js) where the backend code calls Backendless.Persistence.of('whatever') without ever authenticating, and this just seems to work. I'm assuming this is because the backend app exposed the data publicly and thus no auth was required, but I can't tell for sure because it isn't documented.