We have a situation where we need to selectively access a Backendless table from within in a Java Custom Event handler. In the cases were we need to limit the results to only records owned by the authenticated user raising the custom event, which is the preferred method in Backendless?
Should we retrieve the current user, perhaps using the API described in the Android/Java docs:
and then explicitly query for records with an “ownerId” column value that matches the “ownerId” value of the current user? (Any additional info about the latter would also be appreciated.)
Or should we Implicity rely on Backendless’s builtin roles and permissions system to limit the results returned by a query to only those records owned by the current authenticated user raising the Custom Event? Here, either the documentation on these pages:
The first argument in your custom event handler is the RunnerContext class:
RunnerContext object you get provides access to:
userId of the user that's logged in on the client side where the event had been dispatched (assuming a user is logged in and you sent the "user-token" header in the API to dispatch the event)
userToken - the same user-token I described above.
user roles - list of roles the logged in user belongs to
If you use our SDK for Java in your custom event handler, you can setup the "context" of the same user (but now on the server-side) using the API call below:
What’s the best way to do this with the Javascript library?
I’m writing a custom event handler with Backendless.ServerCode.customEvent, and would like to connect to the data layer via the Backendless SDK with the authenticated user token.
Similarly to your Java example, I know I can access the user ID / token via the request context. How do I inform the Backendless library to send this token in requests I make with SDK functions?
Within my function, I’ve tried to log several different pieces of the library to try and figure this out:
console.log(req.context.userId); // returns my correct user ID
console.log(req.context.userToken); // returns my correct user token
console.log(Backendless.LocalCache.getAll()); // returns: {}
console.log(Backendless.LocalCache.get("user-token")); // returns: undefined
console.log(Backendless.UserService.getCurrentUser()); // returns: null
Clearly the library doesn’t seem to automatically add this information. I’ve searched the Github repository for the Backendless JS SDK but have been unable to locate a function that adds additional headers to the request. What’s the best way to proceed?
Please try the following. It will set the user token corresponding to the user who made the original invocation. Please note that in Backendless 4 this is done automatically.