UserID as parameter for Methods? Use this.userId instead at server side?

[heberallred]

Is there a reason you are passing the UserID from the client to the server in the methods? It seems this would be a security issue (not major since it's not able to access a lot of data), but would allow a user to spoof any user is online/offline by passing their userId to the method. It seems the method at the server side should just use this.userId to determine the userId instead.

[sampaiodiego]

yes.. there is an user case where you want to track the presence of a different entity other than an user. so you can pass "anything" as the "user id".