Granting Public Write Access to Data Records

(Lewis) #1


I’ve got an Asset Listing that lists off data records. When both the Asset Listing and the data records are unpublished and the Asset Listing is set to list only unpublished data records, this works absolutely fine.

I need to put the Asset Listing live so the public can access it but, when I do, I can’t list off the data records as they’re still unpublished.

I’ve found that, by granting public write access to the unpublished data records, I can get the Asset Listing to list them, even though they’re unpublished. This approach seems to kind of be documented in Squiz’s Permissions screen (clicking on the tool tip next to write access).

What would Squiz recommend? Publishing assets with public write access sounds doubly scary, even though this isn’t sensitive data, but it seems to be the only way to get an Asset Listing to work once it’s live!

Any other ideas?


(Iain Simmons) #2

Hi Lewis,

I would recommend NOT giving public write access to any assets, though technically the Public User doesn’t have access to the Administration or Edit+ interfaces.

One possible solution is to have a trigger that writes the content to a static file (HTML or JSON, depending on what your listing outputs) whenever the data records are updated. Then you nest the contents of the static file with %globals_asset_file_contents:12345% or similar.

This has the added benefit of being faster to load for your users, but at the cost of taking slightly longer to save any changes to those assets. It’s suited to situations where there are not too many frequent updates.

(Lewis) #3

Hi @isimmons. Thanks for the update!

It’s a shame that asset listing don’t allow for read only listing to the public when an asset isn’t published. Is this something that’s on the roadmap?

When creating the data records, having the grant option for public read implies that it’s possible but it isn’t.