Get specific user data from Backendless to dropsource

Jaydah_Hayden · December 8, 2019, 3:59am

I’m trying to be able to get data from specific user or have certain data displayed when a user login to the dropsource app. How do I do that, so when I call the request from dropsource to Backendless it displays the dats from a login user

mark-piller · December 8, 2019, 2:36pm

Hi Jaydah,

To to get information about a specific user, you need to run an API request into the Users table with a query which will retrieve that user. Here’s the documentation on how to structure queries in the API:
https://backendless.com/docs/rest/data_search_with_where_clause.html

Regards,
Mark

Jaydah_Hayden · December 13, 2019, 12:25am

Can I associate the users ownerID with certain tables to call data for that user? And when I call the API request from dropsource I call 2 different api requests one for the data and one for the user ?

vladimir-upirov · December 13, 2019, 8:27am

Hi @Jaydah_Hayden

Backendless provides a such feature out of box, just configure corresponding OWNER permissions for tables and make sure you make requests as authenticated user

And you will be able to retrieve only objects created by specific user in a single api call

https://backendless.com/docs/rest/data_security.html

[LAYER 5] Owner Policy.
When a new object is created in Backendless, the system automatically links it with the account of the user that made the call to save the object. You can see that information in the 'ownerId' column in any of your tables in the data browser. With the association between objects and users (owners), Backendless provides a way to control whether users can get access to the data they created. This is done through a concept we call ‘Owner Policy’. To navigate to Owner Policy, select a table in the data browser and click the PERMISSIONS menu. Click the OWNER POLICY menu item.
Granting a permission for an operation in Owner Policy, guarantees that the objects owned by the current user will be allowed access for the specified operations. Denying a permission, takes out the ‘owned’ objects from the collection of candidate objects to return.

Regards, Vlad

Jaydah_Hayden · December 8, 2019, 6:19pm

So do I do that where I generate the api and when I call the request it will include the where clause ?

mark-piller · January 20, 2020, 11:12pm

No, this does not require a where clause. This will ensure that the response contains only the objects which belong to the current user.