Imagine, for a moment: you’re building an app with a grand vision – it will have lots of users, user-generated content, and be so popular that it’ll need a team of people to curate the content and make sure everything lives up to your high standards. You’re defining a great feature set, and you’re designing your app with security in mind for the
protection of your users and your content. You’re on a roll! Well, perhaps more appropriately, you’re on a role.
Awesome puns and epic set-ups aside, Parse is excited to announce a new security feature for your apps: Role-based Access Control.
Parse’s existing security model allowed you to grant permissions (using ACLs) to read or write individual objects on a per-user basis.
You can now define a set of Roles for your application – groups of Users that share a common set of permissions. In the example above, the content curators might belong to a Role called “Curators”, and every piece of content your users create would be granted public read access, while limiting write access to members of the “Curators” Role:
PFObject *post = [PFObject objectWithClassName:@"Post"]; PFACL *postACL = [PFACL ACLWithUser:[PFUser currentUser]]; [postACL setPublicReadAccess:YES]; [postACL setWriteAccess:YES forRoleWithName:@"Curator"]; /* Add the user's content */ [postACL saveInBackground];
When a new curator has been hired, just add them to this role, and they will immediately have write access to all of that content and can get to work making sure the content meets your standards.