Apps and permissions
Most of the Weavy building blocks are backed by a corresponding app in your Weavy environment. The apps are required for permission and access control, and also for storing the content generated by users of the building block.
Apps
You can think of apps like containers for content, and the type
of an app controls the type of content it can contain.
For instance, you need a chat
app for storing messages, a files
app for storing files, and a posts
app for storing posts.
Contextual apps are identified by a uid
which is a string that uniquely identifies the app.
Typically you can use the id of something already in your app such as a product, or page id. You can also use an URL as uid
if you want.
Note that the
uid
cannot contain whitespace and must contain at least one non-digit.
Apps are created automatically by the building blocks when needed, but for better access control and individually assigning permissions to users you can also use the Web API to create apps ahead of time or to modify already created apps.
Permissions
Controlling access to apps can be done on two levels. First you can set the access
property whan creating the app.
This property defines the permissions for users who are not members of the app.
- If you want an open app where all authenticated users are allowed to create content: create an app with
access=write
. - If you want a read-only app where users can see content but cannot create anything: create an app with
access=read
. - If you want a closed app that only members can access: create an app with
access=none
.
Additionally, the directory
property let's you reference a user directory
and is used in combination with access
to specify that only users in a specific directory can access the app.
Members
By adding members to an app you can override the default access
property on the app for individual users.
Adding members to an app is done with the Add member endpoint in the Web API.
- If you want to give a member permission to create content in the app: set
access=write
. - If you want to give a member permission to read content in the app: set
access=read
. - If you want to block a member from accessing the app: set
access=none
.
Use cases
If you have a large number of users that should have to access an app it is often convenient to set access
on the app to read
or write
.
If needed you can also define a few members with different access
, for instance none
to block them from accessing the app.
For maximum control over who can access an app, set access=none
on the app and define members with individual access
levels.
You could for instance give write
access to a few members, and read
access to others.