Hello,
I have a couple of questions about the CloudKit public database:
- Is it possible to control what authenticated users can write to the database on the server side? I know I could write logic in my iOS app to prevent to prevent certain actions, like uploading more data than I want to allow, but traditionally one would write server-side checks too. Even if I don't use CloudKit JS, it still seems like a malicious user could intercept network traffic and interact directly with iCloud to bypass any validations I've included in my app.
- Is it possible to block a user from using my app and interacting with CloudKit entirely? Along the same lines as question 1, I may want to block a malicious user from interacting with my public database, particularly writing to it.
- Is it common practice to write configuration settings to the public database as an administrative user and to have the app look for these known records? For example, I could add records to a configuration zone via the iCloud dashboard and have my app read them at startup to do things like enable/disable signups.
Thanks for any help and guidance on these issues!
