Hi,
I’ve Noticed that Backendless.Files.listing() returns all the files in the directory even though the current user has no access to read some of them.
Is there a way I can get a list of files in which those files that the User has no permission to read are excluded?
Is there another more simpler way other than just attempting to download each file and seeing if it results in an error or not?
Thanks.
Hi Jake,
You’re correct, the listing API returns all files in a directory. The listing API does not check against the security matrix/policy.
You can make it work differently by storing files in directory matching user’s role or the user himself.
I’m curious what is the use-case in the app that requires that behavior? Why would a user get a list of files he doesn’t know he has access to?
Regards,
Mark