Setting user data via Corona

Question

I'm trying to implement a system that sets data associated with a user in an ACL-enabled app. I'm able to read data set via

userService:addJSONObject( collectionName, Global.user);

using this code:

storageService:findDocumentByKeyValue(dbName, collectionName,key,value,App42CallBackForTest)

It seems there's no difference between data loaded into the storageService with a userService login and data loaded directly through the storageServer. Correct me if I'm wrong about this.

But anyway, when I try to change that data using updateDocument,  it doesn't work. I get a Document not found error, despite being able to find it with the findDocumentByKeyValue method.

storageService:updateDocumentByKeyValue(dbName,collectionName,key,value,jsonDoc,App42CallBackForTest) 

Do I need to do something with ACLs and user authentication to write the data? If so, how should that be formatted? The docs are unclear about this. Thanks.

Answer 1

Hi Tc,

Yes, you are right both are same. 

In ACL enabled app, it is required to pass sessionId of the user who is making a call. Session Id is used on the server to determine the user and checking for authorization. Session Id can be fetched once the user is authenticated and it used in the method call, to update the user document, 

 

So in order to resolve the above issue, you need to set the session id in Storage Service instance. Please find the below code snippet and let me know if it helps: 

storageService:setSessionId("Session Id of user"); // You can retrieve, session id easily at the time of user authentication

 

P.S Please have a look at this for more details about securing the app and feel free to let us know if you need any help from our side. 

 

Regards,

Himanshu Sharma