How to configure the Realm Sync permissions so that users can write from within (specific) functions, e.g. a function “increaseCounter” that will check if certain conditions are met and then increase a value in a document by 1.
The users should not be allowed to change this value themselves (which they would be able to if i gave them basic “write” access, so this is where my question comes from. They should only be allowed to call this function).
How do I define that in the Sync permissions section?
Okay this is super simple. Just do not give write permission in the Sync “Define Permissions” section and configure the function your clients should call to change data to use “System” authentication. Warning: when testing, this will be overwritten whenever you test a function directly from the Realm UI on realm.mongodb.com under “Functions” if you press “Change User” below a function’s code in the console area and select a user from the list. If you want to test the function with the correct context.user, it is mandatory to call the function actually from a (test) client SDK.