Codeless data browser permission - set permission to single db entry

Bartosz_Cybulski · January 19, 2022, 11:55pm

Hi,
I have a problem to set role permission to single database entry ( to a single asset ). I am following the instructions described in docs (Asset Permissions - Backendless SDK for JavaScript API Documentation), which clearly states that after clicking lock icon for selected item I am able to change permissions for selected users and roles. However I do not see “Roles permission” tab after clicking lock icon.

Screenshot from docs -

Screenshot from my environment -

How can I set permissions for selected role ?

sergey.kuk · January 20, 2022, 9:48am

Hello @Bartosz_Cybulski

Welcome to our community and thank you for trying out Backendless.

We are sorry but role acl future was removed, I will create an internal ticket to fix the documentation.
So only object acl for users is available.

Bartosz_Cybulski · January 23, 2022, 10:15pm

Thanks @sergey.kuk for response.

So if that feature was removed, can you advice me how can I restrict access to selected item for group of people ? Is there an alternative ?

mark-piller · January 24, 2022, 12:57am

Hi Bartosz,

To help us suggest an alternative, could you please share some details about the use-case you’re pursuing. What are you trying to achieve?

Regards,
Mark

Bartosz_Cybulski · January 24, 2022, 9:31pm

Hi,

I have restaurants saved in single table in database and I want to manage visibility of every single place by allowing certain group of people to view it.

For now I have only two groups of users:

testUser - can see all restaurants in table ( the purpose of that excercise is to provide a way to verify, how the restaurant object is entered in frontendApp running in production env)
authenticatedUser - can see all restaurants except test ones

In future we wanted to encorporate managing role ACL for selected asset for more roles.

My basic idea was to assign the most restric acl for database table, and than modify selected item’s role acl.

I have also implemented some servercode services in Java so I am able to filter out some restaurant objects based on some property for example, however the downside of that solution is that it will be harder to exclude related objects to selected restaurant in query results. (As I have tested that with my solution ACL feature for users excludes both asset and related objects from query results).

Regards,
Bartosz

mark-piller · January 24, 2022, 10:32pm

Hi,

For the scenario you described, the best approach would be to implement either afterFind event handler where you can filter out unnecessary objects based on the user’s role, or use a custom API service. The custom API service implementation would be my preference.

Regards,
Mark