Is it possible to set some permissions on atomic counters? For instance I want to disable an ability to reset counter for unregistered user. How can I manage permissions on counters? Thanks.
Hello, Vlad!
No, it’s no possible directly. Permissions are available only for Data, Messaging, Media, Geolocation and Files services and for custom hosted services.
However, you can wrap “reset counter” call into custom method and deploy it as a hosted service. Then you’ll be able to set permissions for this method.
best regards,
Alex
Thanks. But still, reset operation will be available through the atomic counters API, am I right? Of course I can wrap all counter operations I need into methods, and make counter name long and keep it only inside this method, but how much is this secure? It looks like anyone can create as many counters as he wants or reset counters with random names. Is it possible to brake an application in such way?
Thanks
Well, sure it’s possible, but in order to call any API including counters, application ID and client secret key should be used. So, until someone knows your secret key your app data is safe.
However, someone can reset counter by mistake. In order to prevent it you should use “wrapped” counter API inside your client app instead of using “direct” API.