Hi,
Is it possible to make the row id the row owner in a “Company” table and restrict data in all other tables to users that relate to the company?
To explain further:
I have the following tables:
The “Companies” (top level) table has users and properties related to it.
I only want users who are part of a specific company to be able to see properties owned by that company.
When I make the company row id the row owner, none of the users belonging to that company can see the properties. How do I fix this?
The reason I am doing this is because I want to create an app that can be used by many clients but they should only see their own data.
Thanks!
You can, but you need to set the Role setting in your user profile configuration to the Company ID column in the User table. Row Owners only works with email addresses and Roles. A user always has an email but you they can also have a role if you set it up.
Once you have Roles configured, then you can apply Row Owners to any columns that contain email addresses or Company ID’s and any user with a matching email or company ID will have access to that data.
Wow. Thank you @Jeff_Hager
Another question: If I add units that belong to properties through a relation, do I need to have the Company ID in the table to restrict access? In other words, does the “Units” table inherit the permissions of the “Properties” table due to the relation?
It seems like the Company ID column has to be present in every table.
Permissions are not inherited. Row Owners determines what data is sent to the user’s device. After that data is received, then compute columns, such as relations then work with only the data that is available on that device.
If you have row owners applied to a table, then only owned data is sent to a user. If row owners is. ot applied then all data in the table is sent to the user.
To answer your question, yes the company ID needs to be added to any table where you want to securely restrict data, and you need apply Row Owners to that column.
