Row owner / Roles question

sumgii · February 7, 2024, 5:38pm

Apologies for the flurry of questions this week. I’ve been going back over my app and trying to improve it / squash issues based on what I have learned since I started building it (this could be an endless cycle!).

I’ve spotted an issue with row owners / roles

My app if for user by my clients. I have multiple users in each client company. I therefore use the company id as the row owner.

I additionally have a field “visible to administrator” as a row owner and just add the value “admin” in there for all users. My company id is admin.

All good so far. This is working almost perfectly. Except when it comes to comments.

When it comes to commenting client users cannot see who left the comment (name/avatar) when it was an admin. ie, when I leave a comment, they don’t have permission to see my Name and avatar.

I can’t see how to make that one row visible to all. I thought about moving name and avatar to a separate “unowned” table, but this is not ideal as other clients names and pictures would then be unprotected.

I’ve been back through the row owner and role tutorials, but not found any clues. Does anyone have pointers?

Darren_Murphy · February 7, 2024, 5:44pm

sumgii · February 7, 2024, 6:25pm

I just watched that video again. It doesn’t actually add anything to what I said above.
It’s the same approach as I suggested of when I mentioned an “unowned table”.

Using this approach would solve users being able to see my profile details, but would introduce a new issue: Anything in the public profiles (unowned) table would be visible to all. So users in client organisation 1 would be able to see the names and photos of users in client organisation 2. As I mentioned in the post, this is not ideal as names and photos are both protected personal information.

Darren_Murphy · February 7, 2024, 6:46pm

Couldn’t you use the same concept, but only add your Admin users to the Public table?

sumgii · February 7, 2024, 7:52pm

That’s how I’m thinking, but I can get my head around how to display the right data when it’s needed: For example, in a comment component .

I might try adding the data as duplicate data to the comments table when each comment is created. Lots of redundancy, but it could potentially work.

Out of time to try it tonight though.

ThinhDinh · February 8, 2024, 12:34am

Use 2 relations, one to your Public table and one to your Private table, then lookups as needed to retrieve the pieces of info in each table. Use if-then-else columns to get the final values based on whether the lookups are empty or not.

sumgii · February 8, 2024, 5:07pm

This worked perfectly,. thanks @ThinhDinh . I realise now that I had slightly misunderstood persmissions/roles

Because of the “row owner” concept I though that protection would be for the whole row. I didn’t realise that ownership for lookups was from the source table. That makes life much easier! Thanks

system · February 15, 2024, 5:07pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Row Owners and Roles - follow up Ask for Help	11	835	July 2, 2023
Row Owner Help Ask for Help	1	89	March 13, 2024
Help planning out access & authorisation Ask for Help	4	265	December 30, 2023
Row ID as a role & row owner Ask for Help	2	137	December 9, 2023
Need Help with Rown Owner and Roles Ask for Help	5	83	April 18, 2024

Row owner / Roles question

Related topics