backand : issues with user creation, deletion, update

Question

I'm creating an app using ionic/angularjs using Backand as the backend service. I have it setup to use a MySQL database.

1) When I create a user through the SDK (version 1.8.2 from the CDN), the user shows up in Registered Users area but does not get a row in the 'users' table. Someone mentioned that I should have Anonymous Access set to User as they said this is a permissions issue but that did not solve the issue for me.

2) I can manually add a user through the Backand GUI and the user gets a row in the 'users' table as I would expect.

3) I can not manually delete users or rows in the 'users' table through the Backand GUI. I get an error stating that the "Delete My App User" failed to perform. You can't specify target table 'users' for update in FROM clause. I haven't modified the Security Actions at all. They're all default. Updating a user receives a similar error.

4) I created a blank app in Backand and updated my app with the new tokens and app name. I was able to login to that app using login credentials that were created on the original app but were not a part of this app. Does this mean users can access any Backand once registered with one app on the system?

Am I just really missing how 'users' registration and logins are suppose to work in Backand?

Any guidance would be appreciated. Thank you in advance.

Answer 1

You can read more on the Back& security concept here.

User can only access to the app he was registred into. In your case I believe the second app has anonymus access, so you have signed in to the first app and got access token, and using the anonymus header you accessed the second app.

Please use incognito window mode for the second app and then you could debug two apps.

You can also review Back& User example to play around with the security.