I have an app that is generally member only.
However, I have a case where I want non-members to be able to edit/update some specific data. These are a datatype called shows.
I have created a datatype of tokens which store a unique token code and a show.
I can send an link to a specific page adding this token to the url, eg www.testsite.com/page?token=abc
I now need to load the correct show data into the page using the token in the URL.
I can read the toen in the url correctly, but I can’t seem to access the relevant show data, for example…
Text field that is a Do Search for token = get data from URL token first item tokens shows show name
this is blank when loading the page - I have checked that the token is correct, I can search for the token in the DB and find it, and it has a show.
It’s almost certainly your Privacy Rules. By default, data isn’t visible to non-logged-in users, so your ‘Do a search for’ will come up empty. You need to explicitly allow ‘Everyone else’ to find Tokens in searches and view the relevant fields on both the Token and Show data types.
Inside token entity with each tokens also add a reference for show, build you privacy rules for show , so that it will allow user to edit the show if url token also contain the show.On that page with url parameter load the show.
Also inside show add temp token which contain the token user have in theurl so privacy rules allow that specific show.
If these should too complex I can help you set this up for free
Hi, Thanks I would appreciate that, think I’ve fixed some of the privacy rules but there are still some issues, not too sure what you mean by inside temp token section.
Can you show us your privacy rules?
This is what is currently set up for the tokens (accesslink) and the shows
Which condition?
I’ve got it to display the show details, I now need to work on how it is edited - as they are not logged in there is no privacy rule to allow autobinding. Might need to rethink this and give them some kind of userlogin.
Thanks all,
No the condition in your privacy rules
thats all there is at the moment, basically, if the user is an admin they can access everything, otherwise its the everyone, I haven’t worked out how to create a condition using the page url token
Okey, you cannot let everyone else to edit a show,
This mean everyone can edit any show , you have to be specific here. you need a privacy rulse which only allow user how url token have this ( one specific show ) can edit it.
Thats what I’m working on, I can only seem to have conditions based on the current user which is not possible as they arent logged in, so it needs o be some kind of condition on the show. they show has a field for the access link, so I can access the token, but cant do anything about comparing to the page?
There are always many ways of doing but one thing i can think of right now is:
you can use current user, current user bubble give you a gosht user , so its a user but not logedin, it have all the fields and things, bubble keep its in cookies for upto 24h i think.
what you can do is , when page load, save current page token inside user. this will store it in side that gost user ( no worries if its not logedin but its still a user )
for privacy rules, you can say somehtign like, this show access token is current user access token.
this make privacy rules valid, and your user will get access to the show dependign on the condition,
