Data security is managed role-based. In your project's admin dashboard, navigate to Authentication > Roles and configure a specific role. There are four actions for each collection in your database: CREATE, READ, UPDATE and DELETE.
- CREATE: Add a new object to a collection
- READ: Read an existing object from a collection
- UPDATE: Update an existing object
- DELETE: Permanently delete an existing object
Furthermore you can add scope
user to those actions.
*: Global permission - Permission to execute the action on every object in the specific collection
user: User scoped permission - Permission to execute the action is restricted to the objects created by the accessing user
We also added a wildcard resource
*ALL_TABLES*. If you grant permissions on that resource for a role, it is the default permission for all collections. When a user attempts to access an object of collection
todo, we check if he has the permission on