"user-agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 5_0 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A334 Safari/7534.48.3",
See the "username", that is the username of the logged in your. Using that username, you can query the "user" collection to get their account "_id". With that you can then create your filter with this filter parameter :
"_acl.creator" : the-account-_id-mentioned above
Unfortunately, this is a few more queries. But I don't know of a "proper" way other than this. Perhaps someone else has a better answer.
D
Davide Neri
said
about 7 years ago
Thanks Justin!
Yea that's the way I ended up choosing yesterday too... in any accessControl method (find(), distinct(), ...) I add some parameters to the query in order to filter the results... similar to the one you're suggesting.
I suppose that if there's a built-in way of doing this might be faster. But if there isn't yet, I think this is the only solution :)
Davide Neri
e.g.
If I perform a find(), I get a non-filtered list of results, like if it's been performed with Master Secret rights.
What I'd want to get is only a list of results that the user that sent the request to CE have rights to access to.
Is this possible?