How do I search/lookup the Identity of a Realm User?

cloud

#1

Please can someone point me to documentation that can help me understand the following.

Scenario:
User A has a fine-grained permission Realm. User A is not an admin of the Realm platform. User A is an administrator of her Realm.

User B has a fine-grained permission Realm. User B is not an admin of Realm platform. User B is an administrator of his Realm.

User A wishes to grant User B read access to her fine grained Realm.

Question:
Here’s where I get stuck. How do I search/lookup the Identity of User B?

Problem:
When User A is authenticated she does not have permission to look up another user’s identity on the Realm platform - which means User A is unable to add User B. When I look through the documentation all I see are methods like getUser() - does anyone have an example of this method? I can write a working method that returns information about any user - if the calling user is a ROS Admin. But this method always fails if the calling user is a “normal” Realm user.

Swift / iOS


#2

I believe we’ve addressed that here
Let me know if this isn’t clear


#3

Not clear.

RLMSyncPermission definition … “A value representing a permission granted to the specified user(s) to access the specified Realm(s).”

What I need is the answer to how to fetch the identity of a user so that I can feed that into the fine grained permission system without the calling user being a Realm Admin.


#4

Unfortunately we only support looking up other users info if you are an admin. This was done for security purposes.

I agree this can be rather limiting, but I’m not sure just allowing non-admin users to lookup all other users is the right solution.

How is User A identifying User B right now?


#5

Email address, all users will sign up using their email address as their username.

Back to the drawing board.


#6

So the answer is that it is not possible for non admin users to secure content without access to an Admin credentials. So let’s mark this topic as closed.

However. I do wonder why it was thought that this solution is the secure solution. I know exactly zero developers who are serious about security and who would embed admin credentials into an application. Zero.