App42 is very great,
I use an ACL-enabled app and want to use Method Authorization for storage, and I am thinking about the security.
My app will go online soon, but I have encountered some problems:
Problem 1: When I grant access for storage -> All, everything is OK. But when I grant access for storage -> FindDocumentByKeyValue only and call FindDocumentByKeyValue, the app tells me: "UnAuthorized Access","details":"Client is not authorized.
It seems that when I remove "Grant Access for storage -> All" and add "grant access for storage -> FindDocumentByKeyValue", I lose permission to access the storage service. I have authenticated the current user. I think it may be a bug.
Problem 2: Using an ACL-enabled app, when I call FindDocumentByKeyValue/FindAllDocuments, I expect it to return the documents whose owner is me, but now it returns some documents which do not belong to me. This may damage my app.
Some documents are important. I expect that no other user can call FindDocumentByKeyValue/FindAllDocuments to get important documents which do not belong to them.
Problem 3: Is there a way to make some documents unreadable for other users? I want to set a data permission: not readable by other users. The ACL-enabled app's permission is PUBLIC/read, which means other users can read my important data; this will damage my app.
Problem 4: I use an ACL-enabled app. When I first open the app and have not authenticated yet, I want to call mCustomCodeService.RunJavaCode("GetRoleNameAndPassword", jsonBody) to get the role name and password. After getting the role name and password, I can authenticate, but I do not have any permission to use the custom code service. Is there a way to help me?
Thank you for your reply.