Struggling to Understand Custom Roles

First, let me say that I am trying to get all students that are part of the same organization as the logged-in user. The users collection is the document that is logged in, and as I understand it that is what CurrentIdentity() returns a reference to. But when a user token makes a request, I don’t get back the expected results.

I was hoping to have the roles only return data within the same organization. That way I didn’t have to make that filtering part of the selection. But I am worried I am going about this wrong.

Here is what I have so far that ends up with an empty array. All FQL passed fine in the shell.

I have a users collection that has an email address and a reference to an organization as orgsRef.

Here is an example -

  Create(
    Collection('users'), {
      data: {
        email: 'test@example.com',
        orgsRef: Select("ref", Get(Match(Index("orgs_by_name"), "org-a"))),
        grants: {
          add_students: true,
          delete_students: true,
        }
      }
    }
  )

I also have students that have the same type of reference to a organization as orgsRef.

  Create(
    Collection('students'), {
      data: {
        firstName: 'Jane',
        lastName: 'Doe',
        orgsRef: Select("ref", Get(Match(Index("orgs_by_name"), "org-a"))),
      }
    }
  )

I can validate in the dashboard they both point to the same organization reference.

I created a custom role for basic users, where they can read students.

CreateRole({
  name: "user",
  membership: {
    resource: Collection("users")
  },
  privileges: [
    {
      resource: Collection("students"),
      actions: {
        read: Query(
          Lambda("ref",
            Equals(
              Select(['data', 'orgsRef'], CurrentIdentity()),
              Select(['data', 'orgsRef'], Var("ref"))
            )
          )
        ),
      }
    }
  ]
})

I then try to query for the students with the following.

Map(
  Paginate(Documents(Collection("students"))),
  Lambda("ref", {
    id: Select(["ref", "id"], Get(Var("ref"))),
    first: Select(["data", "firstName"], Get(Var("ref"))),
    last: Select(["data", "lastName"], Get(Var("ref")))
  })
)

In the shell, it gets all students, which makes sense because it's an admin. When I do this with a user's key, it gets back an empty array. What am I missing?

Here is the index on users.

CreateIndex({
  name: "users_by_email",
  source: Collection("users"),
  terms: [{ field: ["data", "email"] }],
  unique: true
})

Here are the orgs creation and its index.

CreateCollection({ name: "orgs" })

CreateIndex({
  name: "orgs_by_name",
  source: Collection("orgs"),
  terms: [{ field: ["data", "name"] }],
  unique: true
})

Finally here are the student’s collection creation and index.

CreateCollection({ name: "students" })

CreateIndex({
  name: "all_students",
  source: Collection("students"),
})

I appreciate the help in advance!

I see an issue with your role here:

Select(['data', 'orgsRef'], CurrentIdentity()),
Select(['data', 'orgsRef'], Var("ref"))

You are trying to select data from a reference instead of the underlying document it is pointing to. Try this:

Select(['data', 'orgsRef'], Get(CurrentIdentity())),
Select(['data', 'orgsRef'], Get(Var("ref")))
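For reference, here is the original role definition with that fix applied, as an added example rather than code from either poster. It assumes the same collection and field names used above (`users`, `students`, `orgsRef`); the only change from the original is the two `Get()` calls around the refs.

```fql
// Added example (not from the original post): the "user" role with the fix
// applied. CurrentIdentity() returns a Ref to the logged-in users document,
// and the read predicate's Lambda receives the Ref of the student document
// being read. Select() reads fields from a document, not from a Ref, so both
// must be dereferenced with Get() first. The two values being compared are
// then org Refs, which Equals() handles directly.
CreateRole({
  name: "user",
  membership: {
    resource: Collection("users")
  },
  privileges: [
    {
      resource: Collection("students"),
      actions: {
        read: Query(
          Lambda("ref",
            Equals(
              Select(["data", "orgsRef"], Get(CurrentIdentity())),
              Select(["data", "orgsRef"], Get(Var("ref")))
            )
          )
        )
      }
    }
  ]
})
```

Since the role named "user" already exists, `CreateRole` will fail with a duplicate name; apply the change to the existing role with `Update(Role("user"), { privileges: [ ... ] })` using the same `privileges` array.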

Ohh man! Let me try and see if that resolves it ASAP. Thank you.