Azure mobile services Custom API different permissions to multiple GET Actions

Question

I am using Azure mobile services with Node back end. I have created one Custom API called "Department" which contains two get methods.Code for Department API is as follows -

 var util = require('util');
  var config = require('mobileservice-config');
  var databaseSchema = config.appSettings.DATABASE_SCHEMA;

  exports.register = function (api) {    
    api.get('getDepartment', getDepartment);
     api.get('getAllDepartment', getAllDepartment);

}

Following is the code for department.json permission file -

{
"routes":{
"*":{
"get":{
"permission":"user"
},
"post":{
"permission":"application"
},
"put":{
"permission":"application"
},
"patch":{
"permission":"application"
},
"delete":{
"permission":"application"
}
}
}
}

I want my route "department/getAllDepartment" should be accessible to all users who has application Key. But I want only authenticate users should be able to access my another route i.e. "department/getDepartment".

I did some research and found one solution as explained here . I tried that solution but it did not work for me.

Can some one please tell me how can I make it work?

Following is the code for "department.json" permission file which I am trying after referring the above link.

{
"routes":{
"/":{"permission":"application"},
"/department/getDepartment":{
"permission":"user"
},
"/ department /getAllDepartment":{
"permission":"application"
},
"post":{
"permission":"application"
},
"put":{
"permission":"application"
},
"patch":{
"permission":"application"
},
"delete":{
"permission":"application"
}

}

Answer 1

I don't believe you should repeat the base api path (department) in your json. It should just be:

{
    "routes": {
        "/": {
            "permission" : "application"
        },
        "/getDepartment" : {
            "permission" : "user"
        },
        "/getAllDepartments" : {
            "permission":"application"
        }
    }
}