Yes, you could do that in the spreadsheet if you wanted some data that’s hidden via Row Owners to show somewhere else.
That is exactly what I was thinking about. Thanks.
Awesome! I’m excited to try this new feature.
Thanks for pushing a new update, again!
Awesome update and glad to hear it is now rolled out widely!
What is the status of this update ? Eagerly looking forward to see this.
It’s out already. You can use it
@Mark two points where I need some clarity
Somebody who knows what they’re doing can open the app in a web browser and get to all the other user’s data.
Is this data that only lives in the google spreadsheet or glide data editor as well (e.g: Template Columns, Math Columns, IF then else, Columns etc)?
We have been working on a feature to provide true row-level security, where the app can’t even download rows that the logged-in user doesn’t “own”. Let us know if you definitely need this feature and we can onboard you to the current early version.
I’m interested in this, and would like to know more Do I need to formulate my request in any way?
Hi. I’ll try to give you a basic heads-up for starters. If a row in a sheet is not “protected” then you should assume that it could be accessed. This applies to all columns, both Google and Glide. It can be accessed because whilst you may not see it within the app, it may well have been downloaded to the browser and is only hidden. Therefore a “savvy” user could reveal the data using a number of different debugging tools.
To ensure that a row can only be accessed by a specific user (or users) then enable the Row Owner feature. That will ensure that the row cannot be accessed unless Row Owner matches (checkout the tutorial on this). It achieves this by not downloading the row to the browser, so it is not available even using debugging tools.
Exactly what I assumed as well. Thanks for the valuable input
You pay for them to download less
So…which column would be advisable to become the Row Owner? Row ID? Users sign-in email address?
I believe in all of the cases I have to use row owners, it’s the email.
Thanks ThinhDinh, email makes the most sense. So would that be the Glide anon email or the “captured” email at sign-up process?
On rare occasions when I’m being lazy I use a username or person’s real name but it’s best practice to use their email since that doesn’t normally change across the app and it’s sheets.
Whatever works for your case, I believe since Glide enables the anonymous email option, they’re basically the same.
If your using username and password as your means of signing in that may change how you determine what you sre using because that doesn’t necessarily mean you have the same email time and time again.
Gotcha. It’s essentially a mask of the persons email they use to sign-in.
If you use Row Owners, the app cannot download rows not owned by the logged-in user. We currently have a Preview As visibility issue in the Glide Builder which will be fixed. But again in the app running outside the builder only rows that are owned by the logged in user are downloaded.
Mark referenced the link to the older other thread “Row Level Security” that was posted before Glide implemented the Row Owner feature as a reference to the old method which was not a secure way to protect this data.
Understood - just wanted to better understand the implications. Due to a corner case where row ownership was not working for me, I was gutted.
Thankfully, I managed to solve my own issue: Wrong way to get user email from one sheet to populate another?
Happy that I can now offer a secure app from launch day