Help to confirm whether my app data is properly secured

Hi everyone,

I have recently built an internal app for our company to use as our CRM and to track service and maintenance on our sold products. All data is intended for our internal use only and for our partner who can log in to the app. This seems to be working fine with Row Owners set up so that any user in a partner company can access only the rows that are created by them. For all users in our company we are able to access all rows. This seems to be working fine and I can confirm it by looking at the data tab where rows get greyed out when I switch to a user who is not a Row Owner.

However, I recently launched a new feature where public users (our end customers) can access 1 particular screen in the app without logging in to register their product for warranty purposes. I changed the settings to public with optional sign in. Everything seems to be working well as for the function, BUT I am very concerned about security.

Now, I notice that when I go to the Data tab and switch from viewing as myself to “View as anyone” nothing changes, nothing gets grayed out. Does this mean that my data is accessible to all public users or is it just me misunderstanding the “View as anyone” feature?

Your help is much appreciated as always :pray:

I can replicate that, and I think it's a Data Editor bug.

However, I don’t believe that will have any impact on how it works in the published App. Users that are not signed in will only have access to rows that do not have row owners applied.

You can conduct a test for yourself to confirm this. Pick a table that has row owners applied, and add a collection to your “public” screen that uses that table as a source. Then access that screen without signing in. The collection should not appear.

Thank you very much, this makes me feel much better. And thanks for the great idea for testing it, I should have thought of this myself. I conducted the test and could not see any collections when I accessed the screen from a private browsing window. I will go through all my tables now and enable Row Owners for most of them and then make another test before setting the app to Public again.

Other than that, do you see any concerns with opening up part of the app to the public like this, when the other 99% of the data in the app is only for internal use? The reason why I am doing it is because I do not have access to the API on our plan and I would like to keep as many features as possible in Glide.

No, I don’t see any issues. As long as you’re using row owners properly - and it sounds like you are :+1:

Great, thanks for all your help!
