A question about security through relation columns?

Would i need to switch on Row Owners for the Roles Column?

Normally, no.

But you would have a separate column that contains the name of the role in every row, and that column will have row owners applied.

Have a look at that link I gave you. I like to think that it explains it fairly clearly.

Sorry i just saw the screen shot image now, i think i get it.
The role column tell us who is an admin, editor manager or whatever.
Then use another column to define which rows can be see by the admin, manager etc.
Maybe i will create two columns for Admin and Manager, then use the roles column as you’ve shown.

This is what I do

Yep, that’s it. Just remember that you need to define the Role column in your User Profile configuration, and also be aware that any user that is assigned a role will be counted as a private user (regardless of your App’s privacy settings).

I’ve been using the same methods for three years now, but i’m overhauling my base app (which typically has the same onboarding processes) so i’ve been amazed at all the new features right under my fingertips that i’ve never bothered to use.
If it ain’t broke… don’t fix it. That great saying… is making me obsolete😂

A lot has changed in the last 3 months (even weeks), let alone the last 3 years. It’s hard to keep up, even for those of us that spend every day in the Glide Builder

Man, i’m learning lot’s today, just figured out what Private users actually means. Had no clue what private users was about. Ignorance is bliss. Thanks guys, this has been very educational. Still have to set up and test Roles etc, but sounds easy enough from your messaging.

Roles is a very powerful feature. I’m not sure how others are using it but what I do is give every base level user a unique role in my app.

E.g.
Customer-1
Customer-2
Customer-3

Vendor-1
Vendor-2
Vendor-3

Then I use ‘includes’ for my permissions like add, edit, delete and screen visibilities.

E.g. if → user role → includes → Vendor…

This is a lot more work because you have to use something like Make + Glide API in order to assign dynamic roles. If you don’t have access to the Glide API then you could use GSheet for your user profiles.

The security benefit is all my rows are protected and without using any emails to do it.

For your use case I would simply switch on the roles and add an Admin/ Manager but since you mentioned redoing your app I thought I would share.

Absolutely agree with that. People reading the documentation nowadays i bet are seeing a vastly different thing to what it was 3 years ago. The same… but different.

Definitely loving the upgrades though. So many things are so much easier to do now. But definitely need to make a habit of doing some refresher tutorials and reading the docs.

Thanks for that. I once tried Make but these api’s and low coding stuff still scares me. I’ll try the latter just now. Thanks again👍

Please vote up this feature request! Push notifications with anonymous login emails

Until push notifications to specific users works with anonymous emails, it is impossible for you to keep user email addresses secure and use notifications.

I didn’t read thoroughly through all the replies, but I think you got most of your answers.

Here’s how I tend to structure user accounts/profiles:

• Main user profile table stays private with row owners on. This I call “User Accounts (Private)”.
• Public user profile table is separate table, without row owners. If users are interacting with eachother in the app, all the sharable data about the user is on this table. I call it “User Profiles (Public)”.
• Anonymous emails are used for login. These I call “User EID” for email ID.
• During onboarding process, I’ll collect real email and store in the User Accounts (Private) table, and create the User Profiles (Public) row.
• Messages and other private data use User EID’s for row owners.
• Notifications should be able to be sent with the User EID’s messages etc, but they can’t be because I use anonymous emails.

What I’d really like Glide to do is stop using email as the “true” user ID, and instead use the user profile row ID as the User ID. That would allow us to send notifications to the User ID, and also allow us to safely collect real email addresses since they could be safely retained in user profiles table with row owners on, while User ID is then used on all the tables for determining row owners. Without this, I can’t collect real emails on login and keep them private when using row owners between 1:1 messages, and I can’t allow users to change the email address they use for logging in.

That’s an awesome solution. I love how you worked around the limitations to give unique row ownership to every user without using emails.

It’s also a pity that this is needed. Like why aren’t we using user row ID as the user ID instead of email (as in why is this not how Glide works). What limitations did you find with using anon emails, that had you using roles like this instead of just using anon emails? It allows you to collect real emails, which I would rather do… anything else?

And lastly, it’s unfortunate that this solution isn’t available for apps that have more than a few users. On my pro account I only get 50 private users, but my still prototype-ish app has over 2k users. I guess this solution wouldn’t solve my issue of sending push notifications from one user to another either.

• Thanks for the breakdown, nice to hear others are using similar solutions.
• I’ll upvote the feature request for sure.
• For Push Notifications, basically the combination of Row Owners and Roles means that i can access and save a joined list of email recipients to my Broadcast Table.
• Would agree that using User Profile Row ID as the USERS ID would be the best for security and for push notifications.
• I actually have no need for emails really, except for Push and Row Owners. But if they could operate off Virtual Addresses then many issues would be solved.

Are you the only one sending notifications, you just want to specify recipients? If that’s the case you can get by. What I can’t do as far as I’m aware, is have a any public users send notifications to each other, as in a 1:1 chat.

I just saw the comments collection now in preview, it would be so cool if those comments could optionally be sent as push notifications, that would be a gamechanger. But there might need to be some way to cap the updates, back and fourth comments would cost a pretty penny in terms of updates.

Have you seen the new comments collection. Switch it on in the previews at the top right of the teams dashboard. I seem to remember a topic thread last year about push notifications within comments component. That would be awesome.

Yeah I have my comments set to notify the post author, and to notify a commenter if their comment is replied to. But that app just has a dozen test users on it because I can’t open it up to more people yet, because I’m not going to open it without using anon emails. So… just waiting on Glide to make anon emails work with notifications.

Yes, i needed to specify recipients form the Users Table which has row owners, the method above allows for that, nice solution.

Yep, I’ve checked out the comments. Pretty nifty. NEW! Introducing Comments Component