Start a new topic

_acl field authorization and Setting Permission Shared

I have set Setting -> Permission to Shared in Web Console of Kinvey


I update a field using node.js like below:


Kinvey.DataStore.update


and _acl.creator of this field is the login userid but I got


Kinvey: Failed to update the document. { name: 'InsufficientCredentials',
  description: 'The credentials used to authenticate this request are not authorized to run this operation. Please retry your request with appropriate credentials',
  debug: '' }


When I added


"gr":true,"gw":true


to _acl field, then it's fine.



1 Comment

Hi Mark,


For data collections and users, shared permissions are explained as follows: Alice can see Bob's data, she can modify her own data, but she can't modify Bob's data.


It seems that you are trying to update a row which was created by some other user. The gr - globalRead / gw - globalWrite addition to _acl will override the collection level permissions and allow every authenticated user to read and write to that row.


Let me know if you have any such issues.


Regards,

Wani

Login or Signup to post a comment