0

I have a collection "data" with roles for different permission levels like Read and Update. User can only update their own documents and read some. But everybody can insert new documents. I defined the roles and created an function to check the users permissions. BUT no one is permitted to insert new documents.

This is my role definition: 

{
  "%%true": {
    "%function": {
      "name": "checkAccess",
      "arguments": [
        "%%root",
        "Read"
      ]
    }
  }
}

My function checkAccess returns true when one condition is true. But if there is a new document non of the conditions deliver true.

So I tried to define a role definition like:

{
  "%%prevRoot": {
    "%exists":true
  }
}

And grant InsertDocument permissions to make shure that everybody can insert new documents. But %%prevRoot can´t resolved (ErrMsg: do not know how to expand '%%prevRoot')

It´s hard to become familiar with mongodb Stitch without good sources. Hopefully you can help me with this.

user1957700
  • 55
  • 7
  • To clarify your question, you would like users to be able to insert and read documents, but only update their own document ? If that's the case, you could just create a role with `apply_when` for owner id matching `%%user.id` for writes. – Wan B. Sep 03 '19 at 02:17
  • No .. I´ve already a good way to grant permissions to every user and document. But I can´t create a role which allows to create a new document. In the documentation there is an example: `{ "%or": [ { "%%prevRoot": { "%exists": %%true } }, { "%%root.name": "new" } ] }` But this doesn´t work. – user1957700 Sep 24 '19 at 10:41

0 Answers0