Outdated Security docs (ACL)?

Hello, can someone comment if this is a mistake in the docs (https://docs.moralis.io/moralis-server/database/security - see photo highlight)

and here is my screenshot of ACL for User Class
unknown (1)

So it seems that users cannot see each others data by default which means that docs are incorrect?

I found one more paragraph on this page (see also photo) https://docs.moralis.io/moralis-server/database/security

It is mentioned again that every user object is readable by other users by default. However, after checking the ACL of user objects, it seems that it should not happen. So I am wondering if the docs are actually outdated?

Thanks both places updated!

1 Like

@ivan here is one more place that its confusing in the security docs.

See below that READ, WRITE and ADD FIELDS have subcategories. But in the moralis dashboard there are no those subcategories that can be configured. Do you know what do i mean?

Additionally, it looks like that this part should also be removed from the docs? I believe you have might forgotten that…

1 Like

The extra options are available when editing class-level permissions, under ‘security’.
They should be available when clicking the settings icon and selecting ‘advanced’.


1 Like