Skip navigation

Re: How to restrict participant control on shared CloudKit CKShare?

203 Views 3 Replies

Latest reply on Jul 2, 2019 9:59 AM by PBK

Level 1 (0 points)

inreflection7 Jul 1, 2019 8:16 AM

I am making an iOS app using CloudKit where a user can make a post with some content (title, images, body, etc.) and I want them to be able to share that content using a CKShare for viewing only and have the participants post comments without the ability to modify the original post or delete it. Not to unlike Instagram, etc. Is this possible? What would the data model look like?

Using the Photos app and its shared albums as a reference, participants can post comments, like posts, etc. but they can also delete images which I'm trying to avoid. I'm looking for a better security model than "just don't put a delete button in the UI".

Ive done this easily with Firebase and their granular ACL controls but don't understand how to do this with CloudKit.

Re: How to restrict participant control on shared CloudKit CKShare?

Level 7 (3,365 points)
PBK Jul 1, 2019 10:19 AM (in response to inreflection7)

I believe you can accomplish this with two CKShare records. One contains the photo and it has CKShareParticipantPermissionReadOnly. The other contains the comments and it has CKShareParticipantPermissionReadWrite.

see:
https://developer.apple.com/documentation/cloudkit/ckshare/1640494-publicpermission?language=objc
https://developer.apple.com/documentation/cloudkit/ckshareparticipantpermission?language=objc
https://developer.apple.com/documentation/cloudkit/ckshareparticipantpermission/ckshareparticipantpermissionreadonly?language=objc
This helped me (1)

Actions
- Re: How to restrict participant control on shared CloudKit CKShare?
  
  Level 1 (0 points)
  inreflection7 Jul 2, 2019 5:52 AM (in response to PBK)
  
  Not a bad idea. Does this mean the user has to share two links and participants need to accept two?
  
  This helped me (0)
  
  Actions
  - Re: How to restrict participant control on shared CloudKit CKShare?
    
    Level 7 (3,365 points)
    PBK Jul 2, 2019 9:59 AM (in response to inreflection7)
    
    I am not sure but you might be able to do it with a single share using two records where one is the "parent" of the other. A single share shares the record and its parents (or is it the otherway?). And I don't know if you can have different permissions for a record and its parent.
    
    This helped me (0)
    
    Actions

Go to original post

More Like This