I’ve created application role “AdminUser”, and uploaded file readable to “AdminUser” only.
After logging in with user having two roles, “AdminUser” and “AuthenticatedUser”, I wan’t able to download file even though “user-token” header added to request.
FYI, Backendless.UserService.getUserRoles returns “AdminUser” and “AuthenticatedUser”.
When I change the file readable to “AuthenticatedUser”, it downloads properly. (which means that there’s nothing wrong with user-token value)
Below is source code for download, I have attach screenshot of roles permission for the file.
It doesn’t work. I don’t think this is token issue because when I change file permission readable to “AuthenticatedUser”, I was able to download.
The problem is file ACL for developer created roles - whether I use your code to get token or my code, I was not able to download file when I made file readable to “AdminUser” ONLY.
Could you try adding a role like “AdminUser”, upload a file and make it readable just to AdminUser, and then login with user with “AdminUser” role and try to download.
Notice, I do not have any explicit user permissions. You can see all the permissions for the user are inherited - thus there are no explicit permissions for the user. When you add a user, you can see the inherited permissions to know how Backendless will handle any of the operation for the given user.
I have no idea why I keep getting response 400 when I make the file readable only to AdminUser.
As I wrote before, getUserRoles correctly returns AdminUser and AuthenticatedUser.
Can I give you app-id and loginId, password so you can try?
I have attached screenshots.
Thanks Mark, it’s woking.
I thought that since “AuthenticatedUser” doesn’t require explicit grant, I thought it would be the same for “AdminUser” that without grant checkmark, file would be still readable to “AdminUser”.