Permissions for multiple users and data (edit, delete)
started a topic
almost 4 years ago
One of our developers is working on an app that has different levels of users (e.g. Single User, Multi User, Admin), and we are storing the information from a form into a collection.
Our developer is saying that if one users is storing the form results, another user is unable to edit / delete this information. A) Can this be solved with business logic and B ) Is this the best way to structure it? Is there anything you can point us to in regards to how permissions work for multiple users / data?
Thanks! He is very new to Kinvey, and just needs some direction.
It sounds like you've got your collection preferences set to Private, which means users can only see their own data. Kinvey has a fine-grain permissions model that you can use to set permissions for collections and entities. There's a full write up of the features [here](http://devcenter.kinvey.com/rest/guides/security#authorization).
The best way to tackle this is really a value judgement on how restricted you want data access to be. Generally speaking using BL to enforce permissions across multiple platforms is a good idea, but you can avoid some work there by simply choosing a more relaxed per-collection policy if your data is insensitive enough.