Semi-public user data in separate realms for edit permissions

MongoDB Atlas App Services & Realm
#1

Let’s say each user in my app has a List:

  • Only the owner can edit the List
  • That owner can decide whether or not other users can see the List
  • The List references Things in a shared public realm, and the app can query which Lists reference a given Thing
  • Users can see a collection of other users Lists that those users have chosen to share

In my understanding, each user would have a private realm in order to restrict others from editing their realm.

I’m having trouble understanding how the above requirements would be met when the Lists must all be in separate realms for security.

#2

I think a bit more information is needed to understand the use case.

The owner can decide whether or not other users can see the List

How are you planning to let other users see the List if each List is private (on a separate Realm)

The List references Things in a shared public realm

What is meant by ‘references’?

Users can see a collection of other users Lists

Where is this collection stored?

You can’t really ‘share’ private data when each user has a separate Realm - see the docs Full Sync Permissions noting this

global read-only Realm (i.e. /globalRealm ) for data all users need to access

#3

How are you planning to let other users see the List if each List is private (on a separate Realm)

That’s the question! If they are in a shared Realm, then everyone has edit access to everything.

What is meant by ‘references’?

I mean, each List is a list of Things

Where is this collection stored?

I don’t know!

You can’t really ‘share’ private data when each user has a separate Realm - see the docs Full Sync Permissions noting this

Ok, so how do I enable privacy and security, since being in the same Realm gives all users the same privileges?

I could duplicate data?

#4

You cannot have a reference across separate realms. Make a unique primary id of Thing (number, string, e.g. GUID is a good choice in such scenarios) and use it in the List. To get list of Things, your app gets List of IDs and then run multiple “objectForPrimaryKey()” queries to the Thing Realm.

#5

Some of this can be handled via permissions: Access Levels would enable you to read/write to your own realm but only allow others read access.

As new users come along, a user can offer the new users access to their Realm.

If you have public data that everyone can share, that would be a public realm with read/write access for all.

You’re structure would be:

ROS
  Jays_Realm
  Cyrstains_Realm
  Leroys_Realm
  Public_Realm

Does that fit the use case?