Try redeploying the business logic. Also, please email us your coderunner.json file.
I will send the coderunner but I’m not going to use js sdk anymore so I don’t need to redploy the business logic. I’m currently in debug mode, adding services to replace the direct call to backendless and it will take me around an hour or so to do the transition - I will deploy then
I’d like to understand your rationale for not using JS SDK to communicate with the backend. Sounds like there is confusion somewhere here.
I don’t believe there is a confusion. I studied Backendless for a long time now and as I see it this is inevitable.
because I added multi-tenantany support I couldn’t use the owner ACL and needed to let JS role to access the whole table. But at the same time I do need to return only those that are part of their tenant which is done by the handlers.
When handlers doesn’t work, user gain access to the whole table including items relevant to other tenants. To prevent it I need to disallow JS role
Can the same user belong to more than one tenant?
no he cannot.
if a user always belongs to one organization and you need to retrieve objects that “belong” to that user per the “Owner Policy”, why would multi-tenancy have any impact on this?
user is part of organization A,
table PickupTimes has the following:
item1 | org A | owner admin of org A
item2 | org A | owner admin of org A
item3 | org B | owner admin of org B
you cannot use owner because the items are added by admin. given user if of organization A, how will the user get only item1 and item2 ? owner ACL doesn’t apply here
If the items are added by admin, then the ownerId property will be set to the admin’s user objectId. In that case, you’re right - Owner Policy will not work. However, when items are added by admin AND if you know what user those items belong to, then you can set the ownerId property to the objectId value of the corresponding user. In that case, owner policy will work exactly as expected.
The example I provided is not strict to one user
The following users are part of organization A: user1, user2, user3, user4
table PickupTimes has the following:
item1 | org A | owner admin of org A
item2 | org A | owner admin of org A
item3 | org B | owner admin of org B
All users of that organization (user1, user2, user3, user4) should be able to access items of org A.
I know that I can set owner, I did it in the users table because the relation there is 1-1 between the use and the owner. But for all other tables, I cannot use owner ACL.
Anyway, I deployed an update to my application and disabled all use cases that were implemented with JS SDK. I’m writing you about it because you cannot count on my application anymore to test the fix you are planning.
Thank you for trying to assist.
Good Night
Eran