Private Sign in, Limit Access by Email

Okay, so I think the way to fix this is to set the email column on your Business Owners sheet as the row owner. That should sort out your visibility issue with the button.

But… based on what I’ve seen from your other posts it may introduce another problem, which is that individual business owners won’t be able to see information about other businesses - and that would be a problem, yes?

Yes, I looked into the row owners, all rows must be visible to all users of the app.

I have specific items I will add behind that button that are visible based on signed in email address.

Okay.

Let me first preface this by saying that what follows is not much more than me thinking out aloud, and there is every chance that I could be wildly off base.

With that said…

I’ll assume first that within your Business Owners table there is a mix of information about each business. Some of this you want to make public, but some should be kept private and only accessible by individual business owners. If that’s not true, then you can probably stop reading here. Otherwise, read on…

If there is any private information in the Business Owners sheet, then you definitely should be using row owners on that table. But then, how do you make the “public” information available?

This is what I would do:

  • Create a 2nd sheet, let’s call it Business Owners Public
  • The first column of this sheet would be an arrayformula, which copies the RowID from the private table
  • You use this column to create a relation between the two tables
  • With that in place, you can add a lookup column to bring in each column from the private table that you want to make public
  • You do not set any row owner on this table, so all data is accessible by anyone

Then with the above in place, anywhere in your app you need to display “public” business owner data, you reference this sheet instead of the “private” sheet.

This is a very similar approach to what @kyleheney described here, and to my simple mind it is both sound and secure.

3 Likes

OK thank you! I will try this.

If I switch the sheet being used to pull data for the app, will all of my components and styles be reverted back to default?

Ok I worked through this. Instead of redoing my entire app, any other options to make one column secure/not visible to public users? Visibility isn’t enough?

No, that shouldn’t happen. You will just need to reconfigure the existing components and point them at the new sheet.

The problem with visibility is that all data is still downloaded to the user’s device, and then the visibility settings “hide” the data from them. But it’s still there, and a savvy user will know how to get at it quite trivially. As an app developer, this leaves you exposed, and so you need to decide if you’re willing to take the risk that somebody might get hold of that data (and the potential consequences that might bring).

Using visibility to ‘restrict’ data access is a good example of what’s commonly referred to as Security through Obscurity.

But when you use row owners, then only the data that belongs to that user is downloaded to their device. The rest stays on the Glide servers - and so it’s much much more difficult for a bad actor to get at it.
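
The difference described above between hiding data with visibility and withholding it with row owners, as an added example that is not part of any post in this thread and is not Glide's own code. It is a simplified model: the table rows, column names and function names are constructed for illustration.

```javascript
// Simplified model, not Glide's implementation. All rows, column names and
// function names below are constructed for illustration.
const businessOwners = [
  { rowId: "r1", name: "Corner Cafe", email: "owner1@example.com", notes: "private A" },
  { rowId: "r2", name: "Book Nook", email: "owner2@example.com", notes: "private B" },
  { rowId: "r3", name: "Bike Repair", email: "owner3@example.com", notes: "private C" },
];

// Assumption of this model: owner emails are compared case-insensitively.
const sameUser = (a, b) =>
  Boolean(a) && Boolean(b) && a.trim().toLowerCase() === b.trim().toLowerCase();

// Visibility only: the whole table is sent to the device, whoever is signed in.
function payloadWithVisibilityOnly(rows) {
  return rows.map((row) => ({ ...row }));
}

// The visibility condition runs on the device and only affects what is drawn.
function renderVisible(payload, signedInEmail) {
  return payload.filter((row) => sameUser(row.email, signedInEmail));
}

// Row owner: rows are filtered before anything is sent to the device.
function payloadWithRowOwner(rows, signedInEmail, ownerColumn = "email") {
  return rows
    .filter((row) => sameUser(row[ownerColumn], signedInEmail))
    .map((row) => ({ ...row }));
}

// Audit check: row IDs present in a payload that the signed-in user does not own.
function rowsExposedTo(payload, signedInEmail, ownerColumn = "email") {
  return payload
    .filter((row) => !sameUser(row[ownerColumn], signedInEmail))
    .map((row) => row.rowId);
}

const user = "Owner1@example.com";
const hidden = payloadWithVisibilityOnly(businessOwners);
const owned = payloadWithRowOwner(businessOwners, user);

console.log("rendered:", renderVisible(hidden, user).map((r) => r.rowId));
console.log("visibility-only payload exposes:", rowsExposedTo(hidden, user));
console.log("row-owner payload exposes:", rowsExposedTo(owned, user));
console.log("anonymous, row owner:", payloadWithRowOwner(businessOwners, null).length);
```

Both approaches render the same single row on screen; only the audit of the payload shows that the visibility-only version still delivered the other owners' rows.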

Yes, Yes I get that 100%. I am working through adding all the lookup columns, I see I can’t give the headers the same name?

Also, for the private sheet, I will still want the email address column viewable by other businesses so that they can communicate with each other via email (this won’t work with row owners). If I have this sheet behind the button which is only seen when a business is signed in, can a savvy public user access this sheet as well?

Where are you adding these lookups?
It may not have been obvious, but my suggestion was to create the lookups in the Glide table.
So when you are done with the “Public” sheet and you look at the Google Sheet - you will only see one column, which is the RowID with the arrayformula. All the rest will be computed columns that only exist in Glide.

You should be able to give those columns any name you like.

1 Like

I’m not 100% sure about that one, so I’d defer to somebody with a much deeper understanding than me (looking innocently at @Jeff_Hager)

Oh yes, I am creating them in the public sheet via the Glide data editor.

1 Like

Unless you have a row owner or roles set up then that data is exposed.

Even for sheets not synced for data unless you are signed in? Where those who are signed in are allowed to see that information.

I’m not totally sure on that answer. I just go under the assumption that any data that is not behind row owners or a secure private login is susceptible to being snooped by a savvy user regardless if they can access that part of the app or not. I’m not sure at what level the database is cached on the user’s device, but I would assume that most, if not all, data is synced and downloaded to the device to provide speed and ease of use to the end user. Row owners prevent that download from happening for users that are not meant to see that data. Like you said, security through obscurity is not security at all.

Case in point is the recent post where a fellow app builder was notified by an anonymous user that all user data was accessible through various techniques, even though it was not technically visible in the app UI.

4 Likes

I see.

Three questions…
Is it the Glide editor or Google Sheet that downloads onto someone’s phone?

How can I have the email address column accessible and able to send emails for all business owners once they sign-in?

Do you know how long this data is cached? If I switch my public synced sheet to this more secure one, the old one might still be downloaded on some phones.

Thanks!

Correct. As long as the data is downloaded to the device (means it’s not protected by row owners or roles), it’s exposed.

It took me just 2 minutes to get to @Jen_NYCP’s app and get (I think) all data that is stored on the Sheet. It’s not secured.

2 Likes

It’s the same data you would see in the Glide data editor. All computed columns are always computed locally on the user’s device. Not on the Glide servers.

Are the emails only supposed to be accessible to other business owners and not the public? What data needs to be protected?

I have no idea how long it’s cached or if the cache is cleared after a user signs out of the app. It could all depend on the browser. All websites cache data within the browser but I assume it’s updated when a user is using the app.

1 Like

Yes, the email address, and two others actually should be secure or not accessible by the public (not sure if that is the same thing). But I would like the other businesses to access the name and email address column of other businesses for contact.

Does anyone have their users contact each other via email?