Private Pro Role Security Query

I am experimenting with a Private Pro app for a customer. The User Profile table will contain rows for the customer’s clients and also the customer’s staff members.

The clients should only see their own rows whilst the staff members should see all rows. This logic applies to both the User Profile table and other tables within the app that relate to a client.

It seems as though I need a row owner to be both the client email and the staff role.


Is this best achieved via an array column (which I’d prefer NOT to do) or can I simply specify two columns as row owner in each table where this is applicable?

EDIT: Don’t think I mean array column, rather concatenated column

1 Like

I think there are a few different ways to skin this cat. Here is one way I’ve done it:

  • In my User Profiles table:

    • An array column as Row Owner, which contains the users email address plus any Roles that should be able to view that Users data (eg. Admin)
    • An array column for roles, one for each defined role (this where I assign roles to users, and this array column is the Role column I have selected in my User Profiles configuration)
  • In other linked tables:

    • I use an array column as the Row Owner
    • The first column in the array is generally the email address of the primary “owner” of the row
    • The additional array columns are used for Roles that should have access to that row

NB. I created the above before the new “multiple columns as owners” feature became available - I haven’t really explored that yet.

I know the above doesn’t help with your goal of avoiding array columns, but… what’s your objection to that?

Edit: Oops, upon examining my app a bit closer, I realised that I actually use an array column as Row Owner in my User Profiles sheet. Have updated the above to reflect that.

Hey @Darren_Murphy thanks for the reply and nice to hear from you :slight_smile:

Re: Array columns, I try to avoid them if possible because they can make my “logic” a bit funny by forcing me to name multiple columns in a certain way. I’d rather not ideally. That’s the only reason TBH.

Re: your comment about “multiple columns as owners” that would be perfect. Is that actually a thing now and, if so, is there an instructions link somewhere?

Finally, it seems that in exploring this functionality I have uncovered an issue in the (new) GDE. When I use a combination of email address and role as a row owner and then impersonate within the GDE as follows:

  • Impersonate user 1 (has no role just email) - only see their rows - all good
  • Impersonate user 2 (has no role just email) - only see their rows - all good
  • Impersonate user 3 (has role and email) - see their rows AND rows owner by their role - all good

But, once I have impersonated user 3, their "view’ seems to stick within the GDE even when I go back to impersonate user 1 or user 2. Is this a know thing?

Sorry - two questions in there somewhere - cheers!

1 Like

Sure is. Here is the announcement:

I haven’t noticed that exact behaviour, but it certainly can be a bit quirky sometimes. Whenever I see weird stuff like that, I find that it (usually) sorts itself out if I navigate back to the main dashboard, and then open the app again.


Appreciated @Darren_Murphy I must have missed that one. Cheers.

Re: the quirks, they can be “reset” by exiting and entering the GDE or by refreshing, but that whole process can make design / review / debug awkward. I imagine this would be super-confusing to a new user trying to get their head around row owners and roles.

Is this a logged issue @Mark or @Jason ?

1 Like

Hey! Please send us a recording and link to the app to

The issue described by @V88 is very easy to replicate, and it’s repeatable. I just tried on two different apps - one a Private Pro and the other a Legacy Pro - and both behaved the same. I’ll put together a video and send it through with a support link.

Edit: Have emailed support with details.

1 Like

Cheers @Darren_Murphy - I’ve been with a customer the last few hours so only just saw your response. I have repeated too. It’s a bit worrying given this is supposed to be a security feature. Can we give any priority to a response from support? Not necessarily an immediate fix but an acknowledgement that there’s an issue here?