Rename Owner_ID to diffrent user?

Buhurt_International · August 31, 2023, 1:21pm

Hello,

So i got the following, every item within my dataset is a uniek team. These teams are runned by team captains and it happens that team captains switch positions. Meaning they lose the role of being an team captain. And thus a new captain needs to be able to control the item in the database. I would like to create a code that will do this but is it even possible to change Owner_ID within a dataset ?

will result in

but database does not update the _owner

giri-zano · August 31, 2023, 2:09pm

You will need to add the ““suppressAuth”: true” parameter to the .update (see docs) to be able to change the owner. And just another thing. If you only update _owner, all other values that the row might have will be overwritten with blank values. In order to prevent that, you first need to retrieve the row from the table with its current values (query), inside that object change the owner and then update with this object of data and add “suppressAuth”: true.

Stop press. You can only do this from the backend. I see a button2_click, so this is frontend code.

Buhurt_International · August 31, 2023, 2:10pm

hi i looked for the suppressAuth but i could not find the info, wouldyou be willing to supply me this info?

greetings

giri-zano · August 31, 2023, 2:22pm

update - Velo API Reference - Wix.com . Look under Update Parameters, options.

Buhurt_International · August 31, 2023, 2:39pm

thank you!
got it working

Just to double-check my thinking, If add a call on the front end a member that is the current owner can run the code because it will be run in the backend, and it will automatically have admin power correct?

giri-zano · August 31, 2023, 2:53pm

Actually, the suppressAuth gives it admin power. Therefor, you have to be careful. The backend function you call now from the frontend is a Public Function. You can set access rights (Web Module Permissions) to that function (e.g. only admin), but if you have to set it to Anyone, you must do some further checking (is logged in, is a special _id, etc) to prevent that anyone can call that function (they can, even malicious users, it’s a Public function, so exposed).

Buhurt_International · August 31, 2023, 3:00pm

gotcha,

I already have a check to reach the page where i will have the call placed and the databases is set to member author. Plus its a pay to access page so all this together i highly doubt it it will be misused.

plus extra check in the back end

but thanks for your heads-up!
you saved me big time here haha

Topic		Replies	Views
Update Owner ID on a collection Ask the community code , cms , wix-members-area , question	5	1026	December 24, 2021
wix-data update owner Ask the community code , question	4	307	August 25, 2021
Changing the owner Ask the community code , wix-members-area , question	38	3566	September 21, 2019
Dataset filter owner with code Ask the community code , question	5	625	October 3, 2019
Override _owner ID with original member's ID Ask the community code , wix-forms , wix-members-area , question	8	269	June 16, 2020

Rename Owner_ID to diffrent user?

Related topics