Method Authorization and data permission

+1 vote

Hi,
   App42 is very great.
   I use an ACL-enabled app and want to use Method Authorization for storage, and I am thinking about security.

  My app will go online soon, but I have encountered some problems:

  Problem 1: When I grant access for storage -> All, all is OK. But when I grant access for storage -> FindDocumentByKeyValue only and call FindDocumentByKeyValue, the app tells me: "UnAuthorized Access","details":"Client is not authorized.

 It seems that when I remove "Grant Access for storage -> All" and add "grant access for storage -> FindDocumentByKeyValue", I lose storage service access permission. I have authenticated the current user. I think it may be a bug.

Thank you!

Problem 2: Using an ACL-enabled app, when I call FindDocumentByKeyValue/FindAllDocuments, I expect it to return the documents whose owner is me, but now it returns some documents which do not belong to me. This may damage my app.

Some documents are important. I expect that other users can't call FindDocumentByKeyValue/FindAllDocuments to get important documents which do not belong to them.


Problem 3: Is there a way to make some documents not readable by other users? I want to set a data permission: not readable by other users. The ACL-enabled app's permission is PUBLIC/read, which means other users can read my important data; this will damage my app.

Problem 4: I use an ACL-enabled app. When I first open the app and haven't authenticated, I want to call mCustomCodeService.RunJavaCode("GetRoleNameAndPassword", jsonBody) to get the rolename and password. After getting the rolename and password I can authenticate, but I don't have any permission to use the custom code service. Is there a way to help me?


Thank you for your reply.

asked Jun 5, 2014 in App42 Cloud API-BaaS by wuqiudongonmyway (30 points)
edited Jun 5, 2014 by wuqiudongonmyway

1 Answer

0 votes

Hi,

Thanks for your feedback.

About your first problem, it looks like a spelling mistake. Please check; it's working fine, and let me know if you are still having a problem with this.

Second, in an ACL-enabled app, by default all users have permission to read the document. If you need only specific users to have read access, you need to call a method named revokeAccessOnDoc, which removes the access from public as well as from the specific user list from which you need to remove access.

Third, with the revoke access method you can remove read access from public as well.

About your last query, can you please elaborate? I have not understood exactly what you want to say.

answered Jun 6, 2014 by hs00105 (517 points)
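
The default PUBLIC read permission and the revokeAccessOnDoc step described in the answer above, as an added example that is not part of the original thread and is not App42 SDK code. It is a local Python model of the semantics; the class, its method names, the "R"/"W" labels and the owner-only rule are assumptions made for illustration.

```python
PUBLIC = "PUBLIC"  # principal the thread uses for "every user"


class AclStore:
    """Local model of per-document ACLs; hypothetical, not the App42 SDK."""

    def __init__(self):
        self._docs = {}  # doc_id -> (owner, body)
        self._acl = {}   # doc_id -> {principal: set of "R"/"W"}

    def insert(self, owner, body):
        doc_id = f"doc{len(self._docs) + 1}"
        self._docs[doc_id] = (owner, dict(body))
        # Default described in the answer: PUBLIC may read every new document.
        self._acl[doc_id] = {owner: {"R", "W"}, PUBLIC: {"R"}}
        return doc_id

    def revoke_access_on_doc(self, caller, doc_id, entries):
        owner, _ = self._docs[doc_id]
        if caller != owner:  # assumption: only the owner may edit the ACL
            raise PermissionError("only the owner may change the ACL")
        for principal, perm in entries:
            self._acl[doc_id].get(principal, set()).discard(perm)

    def can_read(self, user, doc_id):
        acl = self._acl[doc_id]
        return "R" in acl.get(user, set()) or "R" in acl.get(PUBLIC, set())

    def find_by_key_value(self, user, key, value):
        # The ACL is enforced inside the query, not left to the client.
        return sorted(d for d, (_, body) in self._docs.items()
                      if body.get(key) == value and self.can_read(user, d))


def demo():
    """Constructed data: two users each store one 'important' document."""
    store = AclStore()
    secret = store.insert("alice", {"type": "important"})
    store.insert("bob", {"type": "important"})
    before = store.find_by_key_value("bob", "type", "important")
    store.revoke_access_on_doc("alice", secret, [(PUBLIC, "R")])
    after = store.find_by_key_value("bob", "type", "important")
    owner_view = store.find_by_key_value("alice", "type", "important")
    return before, after, owner_view


if __name__ == "__main__":
    print(demo())
```

Running the same query as a second, non-owner user before and after the revoke is the check worth keeping as a regression test for any document that must stay private.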