Start a new topic

problem with access control

I am following the docs (I believe) to attempt to establish access control to allow 2 different user accounts to update the same object.

Here is the code for the object:

// .h

@interface SNWRequest : SNWObject{


@property NSString * entityId;

@property NSString * fromID;

@property NSString * toID;

@property NSString * type;

@property NSString * objectID;

@property NSString * status;

@property NSString * data;

@property KCSMetadata* metadata; //Kinvey metadata

- (NSDictionary *)hostToKinveyPropertyMapping;


// .m

@implementation SNWRequest

@synthesize fromID, toID, type, objectID, status, data, entityId, metadata;

- (NSDictionary *)hostToKinveyPropertyMapping


return @{

@"entityId" : KCSEntityKeyId,

@"fromID" : @"fromID",

@"toID" : @"toID",

@"type" : @"type",

@"objectID" : @"objectID",

@"status" : @"status",

@"data" : @"data",

@"metadata" : KCSEntityKeyMetadata //metadata mapping




.. and here is the code to create and store the object

KCSAppdataStore *store = [KCSAppdataStore storeWithOptions:@{ KCSStoreKeyCollectionName : @"SNWRequest",

KCSStoreKeyCollectionTemplateClass : [SNWRequest class]}];

SNWRequest *request = [[SNWRequest alloc] init];

request.fromID = [KCSUser activeUser].userId;

request.toID = toUser.userId;

request.type = @"buddyrequest";

request.status = @"new";

[request.metadata setGloballyWritable:YES];

[request.metadata.writers addObject:toUser.userId];

[store saveObject:request withCompletionBlock:^(NSArray *objectsOrNil, NSError *errorOrNil) { //etc

... and this the record created on the server...











metadata (_kmd)


access control (_acl)


... but when I attempt to update that object from a second user account, this is the error I see

Error Domain=KCSAppDataErrorDomain Code=401 "Active user (username:'XXXXXXXX') does not have permission to write object (_id:'531377af441e637041019de1') to collection 'SNWRequest'" UserInfo=0x1d9b92e0 {NSLocalizedDescription=Active user (username:'XXXXXXXX') does not have permission to write object (_id:'531377af441e637041019de1') to collection 'SNWRequest', kinveyRequestId=2c648f42885a4d1a9f8403e6fc66848f, kinveyInternalErrorString=, NSLocalizedFailureReason=, NSErrorFailingURLStringKey=, kinveyErrorCode=InsufficientCredentials, NSLocalizedRecoverySuggestion=Retry request based on information in `NSLocalizedFailureReasonErrorKey`}

Well, my error was a stupid mistake but I'll update in case anyone else does this too.

metadata was nil in the example above, I simply had to initialize it and it worked fine

Hey Jeff, Thanks for writing in! Glad you fixed it!
Login or Signup to post a comment