I am trying to create an object in the storage engine from a session (S1) and read it from another (S2).
Even if I specified the ReadPermission as public read, when I create the object from S1, I cannot retrieve it from S2.
In the console I can confirm the object is created and the read permission is configured correctly as public read, but I also notice that he object has the userid field populated with the value from S1.
The documentation says “An object which has no owner can be fetched with "null" and is useful for global objects which all users should be able to read.”
Therefore, I manually modified the object through the console, and replaced the userid by 1. 00000000-0000-0000-0000-000000000000 which makes the object readable from both sessions S1 and S2.
I see the documentation says that the ownership of the object can be adjusted at runtime when the object is created.
Is there any way to achieve the same from the client? Can I authenticate as the default account with userid 00000000-0000-0000-0000-000000000000? Can I impersonate the session on the WriteStorageObject request?
Hey @Jorge, could you share the code you are using to create and then read the storage object?
I think don’t worry about the global object workaround since you should be able to use the client to read S1’s object from S2 if you are using a PublicRead and passing S1’s user ID to the listStorageObjects call from S2.
I just replaced ReadStorageObjectsAsync by ListStorageObjectsAsync.
I noticed that a Storage Object is uniquely identified by Collection + Key + User Id, so to read an Storage Object I actually need to know the user id of the owner of the object, but I can list all storage objects of a collection as far as they are configured as public read.
Is there any way to achieve the same from the client? Can I authenticate as the default account with userid 00000000-0000-0000-0000-000000000000? Can I impersonate the session on the WriteStorageObject request?
@Jorge Unfortunately to achieve what you’d want you’ll need to write a small RPC function that writes the object to the storage engine with the system user and public read permissions. By design system owned objects can only be created through authoritative code. Is there a reason you want to avoid the use of an RPC function?