Many-to-many joiner table permission question

kevinwasie · January 26, 2023, 5:30am

I have the following 3 tables:

users = {id, name}
listings = {id, address}
users_to_listings = {id, user, listing, role}

When executing a query against listingsList, users should only be able to see listings for which they are attached to through users_to_listings table. I’ve created a custom role that all users will have. On that role, in the listings object, what read filter do I use for this?

On the listings table, I have tried many things, including:

{
  "users_to_listings": {
    "some": {
      "user": {
        "id": {
          "equals": "__loggedInUserId"
        }
      }
    }
  }
}

estebanf · February 2, 2023, 9:49am

@kevinwasie is users the User table provided by 8base or a custom table you created?

kevinwasie · February 2, 2023, 3:15pm

Yes, @estebanf the user table is provided by 8base.

estebanf · February 2, 2023, 6:06pm

@kevinwasie Please take a look at this video. Let me know if it helps

kevinwasie · February 2, 2023, 6:14pm

Yes, that is exactly what I needed and I learned how to set the filters now from your video. Thank you VERY much @estebanf.