🆕 Security Center

Thanks David! This will clarify some points by now

Thank you! Great +1:

Thanks @David. This gives me a lot to consider. I see that you have a section on Mirroring columns.

Effectively, this could double the amount of rows in our app in order to make them more secure. Any thought, then to increase the row limit to ensure all apps created with Glide have this security measure?

@Robert_Petitto you read my mind. Sounds like a lot more row usage to secure some parts of the app.

I’m also curious how arrays will be handled in glide sheets

We’re working on features that obviate the sheet mirroring techniques.

Hey David!

Sorry, not agree with this statement.

I constantly use “Public” access type to allow users to see what’s inside the app and only after that sign-in with the sign-in button. That’s the basic UX principle, because it’s not really good to ask people log-in into the app when they do not see the value of the app.

For example, I have a restaurant app. It is public and you can sign-in, see which dishes they have, check other information. But when a client wants to order a dish he see the sign-in button on the dish page and only after signing-in he can use a lot more functions.

And I need some admins and employees that will also see and check the orders and manage the app without using the go.glideapps constructor (changing images, dishes and etc).

And that’s only one example, I have like 30% of my apps that are public but need to have admins and that’s not the one admin.

I didn’t say the feature would not be useful in public apps. I said that allowing it in public apps would be incompatible with our business.

Thanks @kyleheney I will try this technique

Idea: Some sort of mirroring function to build a full Glide Table would be sweet. Then it wouldn’t only mirror the sheet contents, but any lookups, templates, etc that were created in the “secure” version of the sheet. A mirrored Glide Table could be set up in such a way that clearly makes it a mirror of another sheet and would not count towards row limits (since it’s just mirrored content).

Now googling “obviate” - trying to weave it seamlessly in a sentence today.

Thank you David, Mark, entire Glide team! Having a central security resource is extremely helpful to non-dev users like me and will help everyone new to Glide set up correctly from the beginning!

Not going to lie—totally thought David wrote “obliviate”—which is a spell from Harry Potter

Thanks for concern

@david , will stripe payments be transitioned over to Glide Sheets? Currently the payments only populate into Google Sheet. But the sheet itself is missing from component connectivity.

Mirroring is something I do all the time as 99% of my apps are multiple sign up temps.There is no other way, and I prefer this method, to be quite honest (but see below). I can secure rows/columns. However, I have found another way of achieving the same end, but it requires duplication of all relevant components, instead of the sheet, and then setting the same component to as either when access level admin. staff, driver, etc, This way I can make the same component display different bits information to different users. It is arduous, and sometimes slips are possible. I really milked this approach when developing the taxi app and now use on all my templates as the risks associated with deleting (most of the time by me lol) info on duplicated sheets living on the back of a live source sheet can be costly. The other advantage I have when using the second approach is I am able to avoid incurring additional rows eating into my limit.

I would if at all possible like to see mirroring of entire tabs.

correct me if I am wrong,
if my app has premium content for subscribed users only (ex. premium courses) hiding this content with visibility conditions is not safe, as the app still downloads that data if a free user is signed in.

so for the rows for premium content lets say in (ex. courses sheet). do i need to have row owners consisting of a list of emails of the premium users, and every time a new user subscribed this list must be updated?

@david, when assigning multiple row owners, does this only work for array columns? I’d love to be able to apply this to relation columns…

image1384×565 65.4 KB

@Lisa According to this, I think it’s only columns that originate from the sheet. I’m assuming that includes Lookup from a Relation.

@rayo From what I understand, yes, the only way to assure row owners and to restrict premium content data from being downloaded to only premium user devices, in your case would be to add an email to an array column in the google sheet. In my opinion, a user would have to be pretty tech savvy to even discover that the additional data was downloaded to their device. If you data does not contain personal information, then I feel it would not be as critical. Personally I feel that Row Owners would be most applicable to situations where PII is involved in an app that’s share among multiple users.

Great job!! thank you

Gideon