Personal Data Dashboard Safety

Dear Gliders, please, give me an advice.

I have an app with the sensitive personal data.

I can secure it with row owners, this is ok, I get that part.

But what if I want to make a CRM or dashboard with all that data for a couple of admins?

How do I have it secured?

If I make a second app with shared database for admins only to be able to sign in, will it be the most safe solution?

Or are there better ways? Thank you!

You can either create multiple row owner columns in the same table (one for each admin email), or you can use Role functionality, or you can create a separate app for admins as private users.

Role functionality is probably the easiest to maintain.

Thank you!

But, please, explain this thing to me.

For example, I make a tab for dashboard with all users data and make it visible for admins (roles) only. Is it safe? I’m asking because I read that filters and visibility settings are not safe at all. This part is a bit confusing.

Correct. Using filters is not secure at all. But that is not what Jeff suggested. In fact he mentioned nothing at all about filters. The suggestion was to use Row Owners and Roles. As long as you set it up correctly, then it will be impossible for non-admins to see the data of other users.

Well, I bet that Jeff knows what he’s talking about.

The problem is that I don’t have a clue.

Could you, please, explain to me exactly how I should arrange my app with row owners and roles to make my dashboard for admins secure?

• In your User Profile table, you need a Role column. This column should be set as the Role column in your User Profiles configuration. Place the word Admin in that column in each of your Admin Users rows.
• In each table where you want the data protected by Row Owners, you need two columns with Row Owners applied. The first column should contain the email address of the user that “owns” that row, and the second column should contain the word Admin.

The above setup will ensure that each non-admin user has access to only their own data, and admin users will have access to all data.

Thanks all for the clear explanations. Since I have a similar use case as @Alina I would like to ask a followup that is also not 100% clear for me.

I also want to have a dashboard with the users table shown in the front end but only to admins (in order to manage users’ attributes).

Now how would i protect this page from other users? Is it even possible?

You could use a visibility condition on your Dashboard such that its only visible to Admins.
The fact that visibility on its own isn’t 100% secure doesn’t matter, as long as the underlying data is protected by Row Owners. That is, even if a non-Admin user managed to find a way to access the dashboard, all they would see is a User list containing one record - their own.

Ah, okay. Thanks for the clarification. It all makes sense now

Please, have a look, if this what you mean

The ‘Email Admin Owner’ Should contain the role of ‘Admin’ instead of an email. An email is fine, but that restricts you to only one administrator. Using Roles, you can have multiple Admin users. For example, if you have 5 administrators with a role of ‘Admin’, then setting a row owner column to ‘Admin’ will give all 5 of them access to the row instead of having to set up individual row owner columns for each administrator email.

When I do it like this (see screenshot) and I test it on the collection made of Users (this is where I have those roles and row owners applied), then everybody has access to everything. I mean users test01 and test02 can see all the data.

How do you know that?
Just because you can still see rows in the Data Editor, that doesn’t mean they will be loaded onto a users device. Try adding a Collection to a screen using this table as the source, and then “View as” different users.

Also, which of the above 3 columns is configured as the Role column in your User Profiles configuration? (it should be the 3rd one)

Also, your second column should be a text type column, not email.

This is exactly what I did.

I noticed that this column is email too, changed it to text, nothing happened. Still everybody sees everything.

I assigned roles correctly, see screenshot.

Have you tested this way yourself?

Yes, almost every day in every Glide App that I’ve ever built in the past 3+ years.

I’m skeptical. Please show me a screen shot from the Data Editor when viewing as a non-admin user. Make sure the “Viewing as…” is visible in the screen shot.

Here it is:

tab-screen1911×640 85.4 KB

Can you do a quick browser refresh and check again?

That’s not the Data Editor, but anyway something clearly isn’t right.

Sometimes the builder and data editor can be a little flakey when applying roles if you switch back and forth between users.

What happens if you reload the builder while you are viewing as that user? Does anything change once it’s reloaded?

I closed and reopened and refreshed several times.

If by Data Editor you mean Users Table, here you go (all the rows):

data-table1908×379 54.5 KB

Maybe it’s a glitch, I will check tomorrow.

But I need to figure out the solution for my project.

Please, confirm that safe ways are:

1. I put admin (roles) emails in duplicate columns with row owners (for 2 admins I make 2 separate columns with their emails etc)
   or
2. I make another app with shared database with access for admins only.

The second way is the ultimate safety, is it true?