Reduce everyone role with c# sdk


I am using realm platform with the default realm.
I want to reduce the everyone role to read only (CanRead + CanQuery).
I could not manage to reduce the permissions to read only. If I look at realm studio all permissions in __Permission remain the same.
The documentation does not contain any samples yet.
Could anyone please provide the snippet to reduce the “everyone” role to read-only?

                var realmConfiguration = new QueryBasedSyncConfiguration(realmUri, user);
                var realm = Realm.GetInstance(realmConfiguration);

                realm.Write(() =>
                    //get role everyone and admin
                    var everyone = PermissionRole.Get(realm, "everyone");
                    var admin = PermissionRole.Get(realm, "admin");

                    //remove all permissions from everyone role
                    var permissions = realm.All<Permission>().ToList();
                    permissions = permissions.Where(x => x.Role.Name == "everyone").ToList();
                    foreach (var p0 in permissions)

                    //create new read-only permission for whole realm (everyone-role)
                    var permission = Permission.Get(everyone, realm);
                    permission.CanCreate = false;
                    permission.CanDelete = false;
                    permission.CanModifySchema = false;
                    permission.CanSetPermissions = false;
                    permission.CanUpdate = false;
                    permission.CanRead = true;
                    permission.CanQuery = true;

                    //create new full-house permission for whole realm (admin-role)
                    permission = Permission.Get(admin, realm);
                    permission.CanCreate = true;
                    permission.CanDelete = true;
                    permission.CanModifySchema = true;
                    permission.CanSetPermissions = true;
                    permission.CanUpdate = true;
                    permission.CanRead = true;
                    permission.CanQuery = true;

                    //add user to admin role
                    var users = admin.Users.ToArray();
                    if (users.All(x => x.Identity != user.Identity))

ALSO I’ve tried to set object level permissions for one entity.
I also could not manage to do that. Other users still can query/read the object.
In realm studio the “Permissions” property of the object remains empty. I don’t know why:

                        //create new PointAccountSummary
                        existing = new PointAccountSummary
                            Id = key,
                            CompanyId = message.CompanyId,
                            UserId = message.UserId
                        realm.Add(existing, true);

                        //Apply permissions to the new PointAccountSummary
                        //Read-only permissions for the owner user
                        var userId = Guid.Parse(message.UserId).ToString("N");
                        var role = PermissionRole.Get(realm, $"__User:{userId}");
                        Permission permission = Permission.Get(role, existing);
                        permission.CanRead = true;
                        permission.CanQuery = true;
                        realm.Add(permission, true);

                        //Full permissions for admin
                        role = PermissionRole.Get(realm, $"admin");
                        permission = Permission.Get(role, existing);
                        permission.CanRead = true;
                        permission.CanQuery = true;
                        permission.CanUpdate = true;
                        permission.CanDelete = true;
                        permission.CanModifySchema = true;
                        permission.CanSetPermissions = true;
                        permission.CanCreate = true;
                        realm.Add(permission, true);


Does anyone has any idea? Really can’t find any solution for this.
Can’t use it without getting this working … don’t want to switch the technology.


I’m on my phone and can’t check it right now, but I would not remove all permissions - that should not be necessary. Also, I would invert adding the user to the admin role and locking down the everyone role. So finally, it would look something like:

var adminRole = PermissionRole.Get(realm, "admin");

var adminPermission = Permission.Get(realm, adminRole);
adminPermission.CanRead = true;
adminPermission.CanUpdate = true;
adminPermission.CanSetPermissions = true;
adminPermission.CanModifySchema = true;

var everyoneRole = PermissionRole.Get(realm, "everyone");
var everyonePermission = Permission.Get(realm, everyoneRole);
everyonePermission.CanRead = true;
everyonePermission.CanUpdate = false;
everyonePermission.CanSetPermissions = false;
everyonePermission.CanModifySchema = false;


Thanks for your reply.
I’ve tried that and if I run this code again the “everyonePermission” has again all permissions set to true.
If I set it to false again, commit/sync and restart again the same issue occurs. Do I have to subscribe to the Permission object or something like that?


Finally got it working.
I’ve set an explict subscription to the PermissionRole and Permission and used the WaitForSynchronization method.
Thanks again for your help!