Hi All
Short version: I'd like to find a way, for certain users (moderators) to have the ability to update / change certain fields data of a collection, that belong to other users/owners.
Long version:
I've created a site, where when members create an account, they also populate the content collection (database) with their details, and they effectively create themselves a profile.
I've also created a profile page, where members can view AND edit their details in the front end (using the "owner" filter on the dataset link). I've made these using dynamic pages. A user can log into their profile, hit the "Edit" button, and can update all the fields in their profile, which updates the content collection - good stuff.
My problem comes where, I need myself & my moderators, to be able to access another users profile, from the front end, and update/change their profile info (fields). I got as far as making it possible for us to access the other members profile, we can edit & save the new data, but unfortunately it just saves to the 1st person in my collection list - rather than the specific profile page we're on. I've checked the dataset filter options, and you can set a filter to "Owner is Logged In" (so you update your OWN data), but I can't find a way to change the filter, so that it saves the changes to the users profile we're currently on. Seems the only two options are either saving to the "Logged in owner's" profile OR the 1st person on the list.
Maybe there is a work around, but as I say, short version is I want us to be able to change the content data of ANY user, from the front end.
I hope this all makes sense, and hope someone is able to assist with this?
Thank you!
Tom
See image below of the filter I was referring to. Setting it to this, means the data submitted will save to whoever is logged in's profile. But I need the data to save to the users profile page that we're currently on instead.
I'm a newbie. But I'm trying to join dots - pardon me if I sound like an idiot.
The front end talking to a backend - that's a security connection. As must it should be.
All users have 'default' access to backend in some form - unless they've not been given any priviledges - like site visitors.
For anyone to make changes to anyone else - heirarchy will need to be followed.
Can I know what specifically should the users change ? What data values are you wanting to change ?
I've been wanting to change the createOrder() and the parameters it takes - but I'm unable to punch an order using a spreadsheet - and that's what led me to this question here.
I am suspecting user data cannot be modified via Velo. It will require access to the DB.
Hey guys, I'm still stuck with this one. I've created a form for submitting data to the collection, but not sure how to configure it so you can choose which users data, you're looking to edit.
Anyone who can help with this one? Thank you :)
Anyone else got any ideas, on how I can update content collection data, for a different user, from the front end? Or how to adjust my table, so that fields can be updated from the front end? Thank you!
Yeah unfortunately I didn't have any luck with the repeater. How would I go about adding input fields in a table that's connected to my dataset Ahmad?
Thanks
You can also use a Repeater with input fields. A repeater is much more flexible and offers many more options. See the Input Repeaters example.
Anyone know if that's possible? A table, placed on a page on front-end, but the fields editable ?
Hi 🖐
You can store the (moderators) IDs in an array, and store it in a variable inside a backend function, and when the function is called a check is performed against the moderators IDs array, and if the IDs match, then grant the user the authorization to do whatever you want to do.
Example:
// backend code - backend/members.jsw; import wixUsersBackend from 'wix-users-backend'; import wixData from 'wix-data'; let user = wixUsersBackend.currentUser; const moderators = ["id1-asldkalsd", "id2-aslkdjuqw"]; export function getMembersData() { return checkPermissions().then(() => { // Run your code to do anything, for example, retrieving some data return wixData.query('Members').find({suppressAuth: true}).then((result) => { return Promise.resolve(result.items); }).catch(err => { return Promise.reject(err); }) }).catch(err => { return Promise.reject(err); }) } function checkPermissions() { if (moderators.indexOf(user.id) > -1) { return Promise.resolve("ok"); } else { return Promise.reject("Not enough permissions!"); } }
Those functions are on a backend module called "members".
To get the members data, a backend function needs to be called from the frontend to get the members, but only if the member has permissions to do that.
// Frontend page. import { getMembersData } from 'backend/members.jsw'; $w.onReady(() => { $w('#getDetails').onClick(async () => { await getMembersData().then((items) => { // Display the data to the moderator $w('#membersRepeater').data = items; }).catch(err => { $w('#erorMessage').text = String(err); }) }) })
Just make sure to configure the repeater with its onItemReady( ) function.
Hope this helps~!
Ahmad
Typically, a user can't change data that belongs to another user. However, as the site admin, you have super powers, and you can make whatever changes to the database that you want.
You will want to do all of this in the backend since you don't want any sensitive information exposed in the frontend. You, or whoever else has the required site credentials (assigned by you, the admin), will have no problem performing a query of the Members collection in the backend if you use the suppressAuth option in your queries.
Forgot to mention, some collections (eg. Members) can't be changed - they don't have write access - not even for an admin. That means that whatever info you want to be editable, should be in another collection that you create specifically for that kind of information.
Anyone got any ideas?