In my project, there are some methods in CloudScript that should be callable from the client, and some that should only ever be called by gameservers or administrators.
For example, a client might call "collectAchievmentAward()" to collect some rewards for an achievement they recently completed. And an administrator might use a scheduled task to call "deleteOldPlayerAccounts()" to automatically use the Admin API to remove unused player accounts. (These aren't the best examples, but I hope my point makes sense anyway)
From what I can tell, the client can invoke any CloudScript method using an ExecuteCloudScriptRequest
, which seems like an issue if I have some methods that the client shouldn't be able to use.