#[SOLVED] Add user permission in the document created using functions

I am creating a new document through function call. Im using dart for the functions. I want to add permissions that the user who called the functions should be the only person who can access the document created. So how can i achive it?

Is the user executing the function through the Functions client SDK?

If so you're getting the current user ID inside the APPWRITE_FUNCTION_USER_ID variable so you can do something like this:

1. Add document security for your collection
2. Create the document and give the current user all permissions

const userId = req.variables['APPWRITE_FUNCTION_USER_ID'];

await databases.createDocument(
    '[DATABASE_ID]',
    '[COLLECTION_ID]',
    {... data},
    [
        Permission.read(Rolse.user(userId)),   
        Permission.update(Rolse.user(userId)),   
        Permission.delete(Rolse.user(userId)),   
        Permission.write(Rolse.user(userId)),   
    ]
);

Yes

Adding APPWRITE_FUNCTION_USER_ID is resulting in error

Converting object to an encodable object failed: Instance of 'NoSuchMethodError'

What error?
What is your code and what language you're using
That was a general example

Heres the error in the execution

im using dart

and also, i tried running the exact same code by removing the permissions part

and it then works properly

So this line caused the error

userId = req.variables['APPWRITE_FUNCTION_USER_ID'];

?

Yes

Can you share your function code?

Im really sorry but its actually under NDA so wont be possible

lemme try sharing code by removing some part and so

import 'dart:convert';

import 'package:dart_appwrite/dart_appwrite.dart';


Future<void> start(final req, final res) async {
  try {
    final client = Client()
        .setEndpoint('...')
        .setProject(Constants.projectId)
        .setKey('...')
        .setSelfSigned(status: true);

    final database = Databases(client);

    final payload = req.payload;
    final userId = res.variables['APPWRITE_FUNCTION_USER_ID'];

    final ... = await database.createDocument(
      databaseId: '...',
      collectionId: '...',
      documentId: '...',
      permissions: [
        Permission.read(Role.user(userId)),
        Permission.update(Role.user(userId)),
        Permission.delete(Role.user(userId)),
        Permission.create(Role.user(userId)),
      ],
      data: {...}
    );

  } catch (e) {
    res.json({'error': e});
  }
}

Would this be enough?

Can you add st to the catch and share it?

  } catch (e,st) {
    res.json({'error': e,'st':st});
  }

Oh
Wait a sec

Can you change it to req instead of res?

-res.variables['APPWRITE_FUNCTION_USER_ID'];
+req.variables['APPWRITE_FUNCTION_USER_ID'];

lemme try that

Nope

but now it is giving this error

Converting object to an encodable object failed: Instance of 'AppwriteException'

With what stacktrace?

And upon looking at logs of appwrite

Message: Invalid permissions: Permission "create("user:64ac3b8cf403a8b2ab32")" is not allowed. Must be one of: read, update, delete, write.

this is the exact error

Yes, you shouldn't put create one
You can see in the example

Here

Well, that did worked, but now the permissions in db are duplicated somehow

"read("user:64ac3b8cf403a8b2ab32")",
"update("user:64ac3b8cf403a8b2ab32")",
"delete("user:64ac3b8cf403a8b2ab32")",
"update("user:64ac3b8cf403a8b2ab32")",
"delete("user:64ac3b8cf403a8b2ab32")"

this is the response

Yes, I think you can just give the write permission

      permissions: [
        Permission.write(Role.user(userId)),
      ],

Or write + read

      permissions: [
        Permission.read(Role.user(userId)),
        Permission.write(Role.user(userId)),
      ],

Try it

Lemme try it

Thanks a lot, was able to solve it