usergrid collection permission not working

Question

I have created user name abcdef and added permission for that user for concerts collection as

When I query for concerts, I expect it to return nothing but it returns all concerts entity. Is there something that I am missing on applying permission

curl -XGET 
http://api.usergrid.com/***/***/concerts?access_token\=YWMt8zqr5FqqEeWmj-Oi1e6IqAAAAU_unlN_XnYvv7TeJszcL1o0cEPNYfmWJIw

brandonscript · Accepted Answer · 2015-09-15T13:43:46.163

2

Filed under USERGRID-1020

There are two reasons that might cause this. First, default sandbox permissions may still be set up on your app:

You'll need to remove this or set them all to no.

Second, and more importantly, applying the permissions directly to the user doesn't appear to be working (?!) and I don't know if this is by design or not. To test this, I duplicated your scenario, and am seeing the same result. To work around it (which actually is more of a security best practice anyway) I created a group with the desired permissions and added the user to the group:

edited Sep 15 '15 at 13:43

answered Sep 14 '15 at 14:29

brandonscript

68,675
32
163
220

I'm not in sandbox and when I tried as you said (new group created then I applied permission to that group, then I added one user to that group), it don't work... have you tested result after adding user to group? – Lionel Sep 15 '15 at 06:55

score -1 · Answer 2 · edited Feb 04 '16 at 18:23

-1

Remove the default permission under your app. This worked for me.

BaaS Permission

edited Feb 04 '16 at 18:23

Brian Tompsett - 汤莱恩

5,753
72
57
129

answered Feb 04 '16 at 07:49

purush

1

usergrid collection permission not working

2 Answers2