Scopes and Access Privileges
Buckets are managed in the three scopes: the application scope, group scope, and user scope.
Application Scope
Buckets in this scope belong to the application. These buckets are suitable for data shared by all the users of the application, such as the highest score of a game and default setting values.
Group Scope
Buckets in this scope belong to a group. These buckets are suitable for data shared by group members, such as data on a bulletin board.
User Scope
Buckets in this scope belong to a user. These buckets are suitable for data privately owned by a user, such as a user's personal data and setting information.
You can create multiple buckets per user or group instance in each scope. Each bucket can store multiple objects.
In the below example, each user has two buckets, PhotoData
and ViewSettings
. Suppose you need to display all the images owned by Bob James
. You can get the data of Tokyo Sta.
and Maldives
by calling the API which lists objects in the PhotoData
bucket of the user Bob James
.
Buckets and Access Privileges
Access to buckets in each scope is determined by the access privileges of the logged-in user.
In the below example, the logged-in user Bob
can access the following data:
Buckets in Bob's user scope
Buckets of
Sales division
that Bob belongs toBuckets in the application scope
Kii Cloud returns an error if Bob attempts to access buckets other than the above.
Buckets and objects have their own ACL (Access Control List) which is a whitelist containing users who can access them. You can change the access rule by updating the ACL.
Learn More...
See Customizing Access Permissions for more information about customizing access privileges.