Creating a read-only column

Zach_Voss1 · July 5, 2021, 1:37pm

Is there a way to set a column as “read-only” so that a user can query the data but not be able to make changes?

An example would be a unique ID generated by the admin side anytime someone registers. We would want to set that and then never have it change in the future.

Another example would be setting someone’s account permissions by an ID. We wouldn’t want someone to be able to upgrade their account their the API. We would want to control that with our staff.

Is something like this possible?

EDIT: I think what I’m looking for is the ability to update a specific column via REST but not the Javascript API.

Inna_Shkolnaya · July 6, 2021, 6:40am

Hello @Zach_Voss1 ,

Unfortunately, it is not yet possible to prohibit edit only 1 column.

But maybe something from the following will work for you:

We have the ability to customize the visibility for columns. This way users will not see this column;
for now the permissions apply to the whole table;
when you create a new record, you can assign a custom objectId, which will be unique identifier. But this value can no longer be changed.

In any case, I’ll discuss your use-case with the team and we’ll discuss adding such functionality in the future.

Regards,
Inna

Inna_Shkolnaya · July 6, 2021, 9:56am

There is also an option to try to use beforeUpdate event handler. You need to implement the logic for checking the role. And if this is the role for which you want to prohibit editing a column, then exclude this column from the query.

Regards,
Inna

Zach_Voss1 · September 2, 2021, 4:41pm

Hi Inna! Your suggestion was great. Now I am able to block column updates with any of the SDKs. I wanted to confirm that this was the correct way:

Backendless.ServerCode.Persistence.beforeUpdate('my_table', async function(req) {
  delete req.item.my_column;
});

This is working great so far with some light testing!