I can't seem to figure out the proper URL for performing permission changes. Following the docs, I can successfully change global permissions for all realms by passing * for the URL, but I can't get specific named realm permissions to stick. I am attempting to grant read-only access to realms created by another (admin level) user.
[RLMSyncPermissionChange permissionChangeWithRealmURL:@"realms://my.domain.com:9443/~/Realm-Name"
userID:@"5443d0cfc457b762e47855ffc3b0732d"
read:@YES
write:@NO
manage:@NO];
Shows this in the server logs (and in the statusMessage field, with a statusCode of 616):
error: permission: Error when processing PermissionChange(id='32455E8C-8...'):
The server is not authoritative for this URL.
The URL I am passing is the same as that used to create the Realm. Where am I going wrong?
If you've deployed the Realm Object Server to an external reachable URL, you need to configure the host(s) for this in the configuration.yml under the key auth:sync_hosts, if you want to use these external URLs with the client permission API.
This could look like below:
auth:
sync_hosts:
- my.domain.com:9443
Beside that the server will always determine itself to be authoritative for localhost. This can be also passed as its IPv4 variant 127.0.0.1 and IPv6 variant ::.
So alternatively, you can just construct the URL you pass into RLMSyncPermissionChange based on that:
[RLMSyncPermissionChange permissionChangeWithRealmURL:@"realms://localhost:9443/~/Realm-Name"
userID:@"5443d0cfc457b762e47855ffc3b0732d"
read:@YES
write:@NO
manage:@NO];