In my app I have 1 table for each team using the app, which allows 2 levels of access - level 1 means users can only see the items they created, and level 2 means the user can see all items accross the team within the table. Using the Backendless security settings this is trivial.
My problem comes when trying to have a third level of access that can retrieve items across all teams (tables) in the app. I’ve tried many different approaches and none seem to work. Making a master table with a copy of every item (using an after-create business logic function) for level 3 users to access has all sorts of problems around keeping track of updates between the 2 copies of each object.
Relations don’t seem to work either since each column in any master table can only map to 1 child table, so I have to create another column every time I create a new team table and then retrieving the data becomes a nightmare.
What I need is to be able to have each table be populated by its users (this part works perfectly) and then have certain users that can retrieve data objects across all tables. Something like the Join function in SQL I think?
Any help would be greatly appreciated.
A single operation of data retrieval in Backendless always works with one table. It is not clear to me if you’re asking whether it is possible to retrieve data with a single call from multiple tables OR how to restrict access so only specific users would have the permission to load data from multiple tables. Could you please clarify?
Thanks, that answers part of my question - so I can only access one table per request. Is there a way to list all of the current tables before retrieving them in a loop?
Can you suggest a more elegant way of defining 3 nested levels of access in Backendless? Retrieving data at an owner and table level work extremely well, with access rights being easy to define, I just need one more level.
Thanks for your help,
For your 3rd level of access I would recommend creating a custom user role, setting necessary permissions for the tables in question for the role and then assigning the users who need that permission to the role.