Hello everyone,
I have two tables in my app, one tables name is Data (for example) other tables name is Users. I want only for users that listed in Users table to be able access data in Data table. I have an idea but I think that is not the smartest way to do.
My idea is: to make an get request to table Users with “where” clause and put in it current username, if it is not empty to make get request to Data table.
But that way I make two requests for one item, that is not OK.
I would be happy hear a different methods.
Hello,
Could you clarify the following:
I want only for users that listed in Users table to be able access data in Data table
If not in the Users table, where else would the users be? In other words, if a user is not listed in Users, where else would he/she be defined?
Mark
Thanks for fast answer,
For example there are app users that is not registered in backendless table Users but can use other features of the app, I want for Data table only registered ones to have access.
If a user is not registered in the Users table, or more generally speaking, when a user is not logged in, all API requests handled on behalf of that user will have the NotAuthenticatedUser role. On the flip side, if a user is logged in, the requests are handled with the AuthenticatedUser role. In order to restrict access to data in the Data table (or any other table for that matter), you should configure permissions for one of these two roles. For more information on roles, see the doc:
https://backendless.com/documentation/users/rest/users_user_roles.htm
https://backendless.com/documentation/users/rest/users_global_permissions.htm
https://backendless.com/documentation/users/rest/users_asset_container_permissions.htm
Thanks will try that way.