How can we help you today?

Start a new topic
Discussions Kinvey Forums iOS

problem with access control

I am following the docs (I believe) to attempt to establish access control to allow 2 different user accounts to update the same object.



Here is the code for the object:



// .h



@interface SNWRequest : SNWObject{





}

@property NSString * entityId;

@property NSString * fromID;

@property NSString * toID;

@property NSString * type;

@property NSString * objectID;

@property NSString * status;

@property NSString * data;

@property KCSMetadata* metadata; //Kinvey metadata



- (NSDictionary *)hostToKinveyPropertyMapping;

@end



// .m





@implementation SNWRequest

@synthesize fromID, toID, type, objectID, status, data, entityId, metadata;





- (NSDictionary *)hostToKinveyPropertyMapping

{

return @{

@"entityId" : KCSEntityKeyId,

@"fromID" : @"fromID",

@"toID" : @"toID",

@"type" : @"type",

@"objectID" : @"objectID",

@"status" : @"status",

@"data" : @"data",

@"metadata" : KCSEntityKeyMetadata //metadata mapping

};



}

@end



.. and here is the code to create and store the object



KCSAppdataStore *store = [KCSAppdataStore storeWithOptions:@{ KCSStoreKeyCollectionName : @"SNWRequest",

KCSStoreKeyCollectionTemplateClass : [SNWRequest class]}];





SNWRequest *request = [[SNWRequest alloc] init];

request.fromID = [KCSUser activeUser].userId;

request.toID = toUser.userId;

request.type = @"buddyrequest";

request.status = @"new";

[request.metadata setGloballyWritable:YES];

[request.metadata.writers addObject:toUser.userId];





[store saveObject:request withCompletionBlock:^(NSArray *objectsOrNil, NSError *errorOrNil) { //etc





... and this the record created on the server...



_id

"531375da31fe5fcc6a0197fd"



fromID

"530bc8a70be1987329033787"



status

"new"



toID

"53136934441e6370410196b4"



type

"buddyrequest"



metadata (_kmd)

{"lmt":"2014-03-02T18:18:02.261Z","ect":"2014-03-02T18:18:02.261Z"}



access control (_acl)

{"creator":"530bc8a70be1987329033787"}



... but when I attempt to update that object from a second user account, this is the error I see



Error Domain=KCSAppDataErrorDomain Code=401 "Active user (username:'XXXXXXXX') does not have permission to write object (_id:'531377af441e637041019de1') to collection 'SNWRequest'" UserInfo=0x1d9b92e0 {NSLocalizedDescription=Active user (username:'XXXXXXXX') does not have permission to write object (_id:'531377af441e637041019de1') to collection 'SNWRequest', kinveyRequestId=2c648f42885a4d1a9f8403e6fc66848f, kinveyInternalErrorString=, NSLocalizedFailureReason=, NSErrorFailingURLStringKey=https://baas.kinvey.com/appdata/kid_TeAhMJNXYf/SNWRequest/531377af441e637041019de1, kinveyErrorCode=InsufficientCredentials, NSLocalizedRecoverySuggestion=Retry request based on information in `NSLocalizedFailureReasonErrorKey`}
2 CommentsSorted by Oldest First
Well, my error was a stupid mistake but I'll update in case anyone else does this too.



metadata was nil in the example above, I simply had to initialize it and it worked fine

Hey Jeff, Thanks for writing in! Glad you fixed it!
Login or Signup to post a comment
More topics in iOS
See all 433 topics