Is there a call to check if the current user has write access to a given object, or to filter a query by write access? What I’d like to do is be able to present the user with a list of objects that they have write access to from the database. This access would have been previously defined by ACLs.
Can you give an example of what you are trying to do? If its relational data for example user A has 16 blog posts with which he has write acess, then in the ACL of the blog post but the user in the ACL.
Then when fetching for the usres ACL just do a querry where ACL is equlat to user id. Does that help ?
I have a collection of objects. I want every user to have Read access, but only small groups will have write access to certain objects in this list. I am trying to present a list of those a given user has write access to for them to pick from. I know I can build a separate 1:n relation to track which items a user is allowed to edit to display in this list, but I was trying to figure out if I could just do it with ACLs or Roles.
After you set roles and ACL, maybe you can query by a specific ACL role
Yes that’s what I was looking for…something like query.hasRole(“PowerUser”)!
It looks to me like Pointer Permissions does what I am after - keep a list of users on an object who are allowed to update that object.
What I can;t see form the documentation link above is how to setup these permissions in the ACL for an object. Anyone know? @cryptokid?
Nevermind - I found it. For others - when you go to Security->Class level permissions, you can enter the name of a Pointer in the dialog to create a new role based on a given relation field.