fascinating-indigo
fascinating-indigo5mo ago

Appwrite permissions

I use Refine with Appwrite as backend and Antd. I have seen how to add document permissions when creating or editing documents https://refine.dev/docs/data/packages/appwrite/#create-page But there are things that remain unclear: First, what is the difference between meta's readPermissions and writePermissions https://github.com/refinedev/refine/blob/master/packages/appwrite/src/dataProvider.ts#L82? Second, with readPermissions and writePermissions I can add permissions to the default Permission.read(Role.any()) and Permission.write(Role.any()) https://github.com/refinedev/refine/blob/master/packages/appwrite/src/dataProvider.ts#L80C9-L81C38. But how to override these default permissions? I don't want public permissions, only the permissions i set in meta at creation/edition.
GitHub
refine/packages/appwrite/src/dataProvider.ts at master · refinedev/...
A React Framework for building internal tools, admin panels, dashboards & B2B apps with unmatched flexibility. - refinedev/refine
Appwrite | Refine
Refine provides a data provider for Appwrite, a backend as a service platform, to build CRUD applications.
8 Replies
kapa.ai
kapa.ai5mo ago
Hi @humboldtux. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave: ---------------------- In Refine with Appwrite, readPermissions and writePermissions are used to control who can read and write to the documents in your Appwrite collections. - readPermissions: This is used to specify who can read the document. If you set readPermissions to Permission.read(Role.any()), it means that any role can read the document. - writePermissions: This is used to specify who can write to the document. If you set writePermissions to Permission.write(Role.any()), it means that any role can write to the document. These permissions are set in the meta of the useForm hook when creating or editing documents. Here is an example: 
import { Permission, Role } from "@refinedev/appwrite";  
const { formProps, saveButtonProps } = useForm<IPost>({  
 meta: {  
 writePermissions: [Permission.read(Role.any())],  
 readPermissions: [Permission.read(Role.any())],  
 },  
});  
import { Permission, Role } from "@refinedev/appwrite";  
const { formProps, saveButtonProps } = useForm<IPost>({  
 meta: {  
 writePermissions: [Permission.read(Role.any())],  
 readPermissions: [Permission.read(Role.any())],  
 },  
});
In this example, both readPermissions and writePermissions are set to Permission.read(Role.any()), which means that any role can read and write to the document. If you want to restrict permissions and only allow specific users, you need to specify it in meta. For example, if you want to allow only users with the role "admin" to write to the document, you can do it like this: 
import { Permission, Role } from "@refinedev/appwrite";  
const { formProps, saveButtonProps } = useForm<IPost>({  
 meta: {  
 writePermissions: [Permission.write(Role.admin())],  
 readPermissions: [Permission.read(Role.any())],  
 },  
});  
import { Permission, Role } from "@refinedev/appwrite";  
const { formProps, saveButtonProps } = useForm<IPost>({  
 meta: {  
 writePermissions: [Permission.write(Role.admin())],  
 readPermissions: [Permission.read(Role.any())],  
 },  
});
In this example, any role can read the document, but only users with the role "admin" can write to the document. Please note that the wildcard permission "*" has been replaced by "role:all" in Appwrite 0.12 and later versions. You can find more info in the Migration Guide (https://dev.to/appwrite/appwrite-012-migration-post-3cha) blog post. Sources: - Refine Appwrite List Page Part 4 (https://refine.dev/docs/data/packages/appwrite#list-page) - Github Issue: Update Dataprovider for Appwrite >0.12 (https://github.com/refinedev/refine/issues/1453) ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ----------------------
kapa.ai
kapa.ai5mo ago
<@648661552894967820> kapa.ai is still learning and improving, please let us know how it did by reacting below
fascinating-indigo
fascinating-indigo5mo ago
I am sorry i didn't get the answer and help i wanted. Your answers are not relevant to my problem and are just a verbatim copy of the documentation. I already read the documentation.
fair-rose
fair-rose5mo ago
I can confirm, I facing the same problem. 
    "@refinedev/appwrite": "^6.4.7",
    "@refinedev/antd": "^5.37.5",
    "@refinedev/appwrite": "^6.4.7",
    "@refinedev/antd": "^5.37.5",
did you find a solution ? @humboldtux
fascinating-indigo
fascinating-indigo5mo ago
No, unfortunately @Aphelios
fair-rose
fair-rose5mo ago
@humboldtux I was able to walk around it, by wrapping the original dataProvider in a custom made dataProvider that overrides the methods. sample: 
export const customDataProvider = (
  appwriteClient: Appwrite,
  options: { databaseId: string } = { databaseId: 'default' }
): Required<DataProvider> => {
  const { databaseId } = options;
  const database = new Databases(appwriteClient);
  const originalDataProvider: Required<DataProvider> = dataProvider(
    appwriteClient,
    {
      databaseId,
    }
  );

  return {
    ...originalDataProvider,
    create: async ({ resource, variables, meta }) => {
      const permissions = [
        // Permission.read(Role.any()),
        // Permission.write(Role.any()),
        ...(meta?.readPermissions ?? [Permission.read(Role.any())]), // new permisions
        ...(meta?.writePermissions ?? [Permission.write(Role.any())]), // new permisions
      ];

      const { $id, ...restData } = await database.createDocument(
        databaseId,
        resource,
        meta?.documentId ?? ID.unique(),
        variables as unknown as object,
        permissions
      );

      return {
        data: {
          id: $id,
          ...restData,
        },
      } as any;
    },
}
export const customDataProvider = (
  appwriteClient: Appwrite,
  options: { databaseId: string } = { databaseId: 'default' }
): Required<DataProvider> => {
  const { databaseId } = options;
  const database = new Databases(appwriteClient);
  const originalDataProvider: Required<DataProvider> = dataProvider(
    appwriteClient,
    {
      databaseId,
    }
  );

  return {
    ...originalDataProvider,
    create: async ({ resource, variables, meta }) => {
      const permissions = [
        // Permission.read(Role.any()),
        // Permission.write(Role.any()),
        ...(meta?.readPermissions ?? [Permission.read(Role.any())]), // new permisions
        ...(meta?.writePermissions ?? [Permission.write(Role.any())]), // new permisions
      ];

      const { $id, ...restData } = await database.createDocument(
        databaseId,
        resource,
        meta?.documentId ?? ID.unique(),
        variables as unknown as object,
        permissions
      );

      return {
        data: {
          id: $id,
          ...restData,
        },
      } as any;
    },
}

message.txt

fascinating-indigo
fascinating-indigo5mo ago
thanks @Aphelios will give it a try
fair-rose
fair-rose5mo ago
cool, anyways I opened a PR to fix it, it should be merged soon. cheers! https://github.com/refinedev/refine/pull/5774
GitHub
fix(appwrite): make meta.permissions overrideable #5767 by abdelr...
PR Checklist Please check if your PR fulfills the following requirements: The commit message follows our guidelines: https://refine.dev/docs/guides-concepts/contributing/#commit-convention Bugs ...
More Posts
How can I populate a resource before passing to Inferencer?Strapi v4 data by default doesn't even show relations/nested fields at all. When passing into inferLDAP AuthHi everyone, i am new in the domain, and i need to auth my users thanks to an existing active directwhy cant get data onsuccess?why cant get data onsuccess?Hello! I'm trying to be a good RefineHello! I'm trying to be a good Refine citizen and go through the proper channels. I had a refine-sRefine DevTools not workingHello! I've tried doing my homework before asking this question. But I can't seem to get the Refin@ant-design/pro-table not workingI added ProTable from ant-desing. The problem is with some features like fix columns which is not woHow can i use query params for fetching?I have this code: `import { NumberField, Show, TextField } from "@refinedev/antd"; import { useShowFiltering with between in SupabaseI'm trying to useList while filtering a date column. The format of the date in this column is YYYY-Muse refetch result in next lineWhen I use refetch functiom from useCustom, the data variable is not updated inmediatly, what can I upload file using antDI need to upload a file with specific format. Exist any hook to do it?