PFACL

@interface PFACL : NSObject <NSCopying, NSCoding>

The PFACL class is used to control which users can access or modify a particular object. Each PFObject can have its own PFACL. You can grant read and write permissions separately to specific users, to groups of users that belong to roles, or you can grant permissions to the public so that, for example, any user could read a particular object but only a particular set of users could write to that object.

  • Creates an ACL with no permissions granted.

    Declaration

    Objective-C

    + (nonnull instancetype)ACL;

    Return Value

    Returns a new PFACL.

  • Creates an ACL where only the provided user has access.

    Declaration

    Objective-C

    + (nonnull instancetype)ACLWithUser:(nonnull PFUser *)user;

    Parameters

    user

    The user to assign access.

  • Controls whether the public is allowed to read this object.

    Declaration

    Objective-C

    @property (getter=getPublicReadAccess, assign, readwrite, nonatomic)
        BOOL publicReadAccess;
  • Controls whether the public is allowed to write this object.

    Declaration

    Objective-C

    @property (getter=getPublicWriteAccess, assign, readwrite, nonatomic)
        BOOL publicWriteAccess;
  • Set whether the given user id is allowed to read this object.

    Declaration

    Objective-C

    - (void)setReadAccess:(BOOL)allowed forUserId:(nonnull NSString *)userId;

    Parameters

    allowed

    Whether the given user can write this object.

    userId

    The PFObject.objectId of the user to assign access.

  • Gets whether the given user id is explicitly allowed to read this object. Even if this returns NO, the user may still be able to access it if publicReadAccess returns YES or if the user belongs to a role that has access.

    Declaration

    Objective-C

    - (BOOL)getReadAccessForUserId:(nonnull NSString *)userId;

    Parameters

    userId

    The PFObject.objectId of the user for which to retrive access.

    Return Value

    YES if the user with this objectId has explicit read access, otherwise NO.

  • Set whether the given user id is allowed to write this object.

    Declaration

    Objective-C

    - (void)setWriteAccess:(BOOL)allowed forUserId:(nonnull NSString *)userId;

    Parameters

    allowed

    Whether the given user can read this object.

    userId

    The PFObject.objectId of the user to assign access.

  • Gets whether the given user id is explicitly allowed to write this object. Even if this returns NO, the user may still be able to write it if publicWriteAccess returns YES or if the user belongs to a role that has access.

    Declaration

    Objective-C

    - (BOOL)getWriteAccessForUserId:(nonnull NSString *)userId;

    Parameters

    userId

    The PFObject.objectId of the user for which to retrive access.

    Return Value

    YES if the user with this PFObject.objectId has explicit write access, otherwise NO.

  • Set whether the given user is allowed to read this object.

    Declaration

    Objective-C

    - (void)setReadAccess:(BOOL)allowed forUser:(nonnull PFUser *)user;

    Parameters

    allowed

    Whether the given user can read this object.

    user

    The user to assign access.

  • Gets whether the given user is explicitly allowed to read this object. Even if this returns NO, the user may still be able to access it if publicReadAccess returns YES or if the user belongs to a role that has access.

    Declaration

    Objective-C

    - (BOOL)getReadAccessForUser:(nonnull PFUser *)user;

    Parameters

    user

    The user for which to retrive access.

    Return Value

    YES if the user has explicit read access, otherwise NO.

  • Set whether the given user is allowed to write this object.

    Declaration

    Objective-C

    - (void)setWriteAccess:(BOOL)allowed forUser:(nonnull PFUser *)user;

    Parameters

    allowed

    Whether the given user can write this object.

    user

    The user to assign access.

  • Gets whether the given user is explicitly allowed to write this object. Even if this returns NO, the user may still be able to write it if publicWriteAccess returns YES or if the user belongs to a role that has access.

    Declaration

    Objective-C

    - (BOOL)getWriteAccessForUser:(nonnull PFUser *)user;

    Parameters

    user

    The user for which to retrive access.

    Return Value

    YES if the user has explicit write access, otherwise NO.

  • Get whether users belonging to the role with the given name are allowed to read this object. Even if this returns NO, the role may still be able to read it if a parent role has read access.

    Declaration

    Objective-C

    - (BOOL)getReadAccessForRoleWithName:(nonnull NSString *)name;

    Parameters

    name

    The name of the role.

    Return Value

    YES if the role has read access, otherwise NO.

  • Set whether users belonging to the role with the given name are allowed to read this object.

    Declaration

    Objective-C

    - (void)setReadAccess:(BOOL)allowed forRoleWithName:(nonnull NSString *)name;

    Parameters

    allowed

    Whether the given role can read this object.

    name

    The name of the role.

  • Get whether users belonging to the role with the given name are allowed to write this object. Even if this returns NO, the role may still be able to write it if a parent role has write access.

    Declaration

    Objective-C

    - (BOOL)getWriteAccessForRoleWithName:(nonnull NSString *)name;

    Parameters

    name

    The name of the role.

    Return Value

    YES if the role has read access, otherwise NO.

  • Set whether users belonging to the role with the given name are allowed to write this object.

    Declaration

    Objective-C

    - (void)setWriteAccess:(BOOL)allowed forRoleWithName:(nonnull NSString *)name;

    Parameters

    allowed

    Whether the given role can write this object.

    name

    The name of the role.

  • Get whether users belonging to the given role are allowed to read this object. Even if this returns NO, the role may still be able to read it if a parent role has read access.

    The role must already be saved on the server and it’s data must have been fetched in order to use this method.

    Declaration

    Objective-C

    - (BOOL)getReadAccessForRole:(nonnull PFRole *)role;

    Parameters

    role

    The name of the role.

    Return Value

    YES if the role has read access, otherwise NO.

  • Set whether users belonging to the given role are allowed to read this object.

    The role must already be saved on the server and it’s data must have been fetched in order to use this method.

    Declaration

    Objective-C

    - (void)setReadAccess:(BOOL)allowed forRole:(nonnull PFRole *)role;

    Parameters

    allowed

    Whether the given role can read this object.

    role

    The role to assign access.

  • Get whether users belonging to the given role are allowed to write this object. Even if this returns NO, the role may still be able to write it if a parent role has write access.

    The role must already be saved on the server and it’s data must have been fetched in order to use this method.

    Declaration

    Objective-C

    - (BOOL)getWriteAccessForRole:(nonnull PFRole *)role;

    Parameters

    role

    The name of the role.

    Return Value

    YES if the role has write access, otherwise NO.

  • Set whether users belonging to the given role are allowed to write this object.

    The role must already be saved on the server and it’s data must have been fetched in order to use this method.

    Declaration

    Objective-C

    - (void)setWriteAccess:(BOOL)allowed forRole:(nonnull PFRole *)role;

    Parameters

    allowed

    Whether the given role can write this object.

    role

    The role to assign access.

  • Sets a default ACL that will be applied to all instances of PFObject when they are created.

    • If NO, the provided acl will be used without modification.
    • If acl is nil, this value is ignored.

    Declaration

    Objective-C

    + (void)setDefaultACL:(nullable PFACL *)acl
        withAccessForCurrentUser:(BOOL)currentUserAccess;

    Parameters

    acl

    The ACL to use as a template for all instance of PFObject created after this method has been called. This value will be copied and used as a template for the creation of new ACLs, so changes to the instance after this method has been called will not be reflected in new instance of PFObject.

    currentUserAccess
    • If YES, the PFACL that is applied to newly-created instance of PFObject will provide read and write access to the PFUser.+currentUser at the time of creation.
    • If NO, the provided acl will be used without modification.
    • If acl is nil, this value is ignored.