Very complex issue coming your way...protected groups via invite code

I’m building an app that allows users to join different groups. Users can create their own groups or be added to existing ones. To ensure that the app is secure, only users that are row owners of a group can access that group.

To do this, I created an array in Google Sheets (i.e. Member 1, Member 2). This works well, however it means that users have to know the email address of the user to add them to their group, and the email address has to be entered the exact same way that the invited user signs into the app, which isn’t always the case.

I’m hoping to find a solution where the owner of a group can invite users by a code or link - but I’ve run into issues on how to best achieve that.

At first I thought a code would work, but then was stumped on how to add the invited user’s email to the array of members once they enter the code to join.

Would it be possible to build a logic for Glide to add the member to the array without overwriting previously invited users? I almost achieved this with a long custom action (If member 2 is empty, then add user, if member 3 is empty add user, and so on).

But I couldn’t complete it, because the invited user cannot “see” the data for the group they want to be added to because it’s restricted to the row owners array - which they have not been added to yet.

For more clarity - when the invited user adds the unique invite code, there is a relation column that looks for the code amongst the groups to know which group to add the user to. But because the user is not yet a row owner - the data to the relation returns a blank value, even if there is a match.

As I’m typing this, I’m guessing that the only way may be to have an invite code and for users to “request access” to a group.

Group owner would share a code
Invited user would enter the code to request access
Group owner would then see the request and add the user with a button that has the custom action that I described above

But then, it kind of kills the user experience - and maybe adding users by email isn’t so bad. Any thoughts on this? Has someone successfully implemented the “invite with code” method with row owner protection?

All thoughts and theories welcomed

a simple script that will set the value to a last row + 1

Can you expand more on your idea? What value? The invite code? The invited user…?

I’m not sure if I understand correctly what you wanna do…
I think you wanna add a new user through an email invite that carries a code for a group?
or accept members if has a code?
if you can describe step by step what is the action and effect?
is the user requesting access or manager inviting?

Yes, you have it partly right.

I want to know if it’s possible to implement the invite code method for adding users to groups that are protected by row ownership.

The steps aren’t as relevant as the dilemma I described above, but ultimately the desired scenario would be:

1. a group owner shares a code with another user.
2. That user enters the code, and is added to the group based on a match through a relation column (the code mapping to the group the user should be added to) - eliminating the need for them to exchange emails.

The hiccup is doing this while keeping row owners in tact for the group.

ok, so each group has a unique code…
now someone can email that code to invite another member to this group?
email is created in Glide or outside? groups are in the same sheet or separate?
or is it just a mark in the Users sheet which group the user belongs to?

The solution is to leverage the Unique Row ID in the User table and use that as proxy for a User ID. When a new user registers in the app, be sure to push the ROW ID of the new user into a separate Glide table using a set column action. You should also push the name of the user into a second column in that table to make the row more identifiable.

You now have a table with a column of user id’s and names that can be used to control access, e.g. grant or deny access. To grant access, create another Glide table (Log) with columns that store a log of member ID’s and access codes, e.g. add 1 row for every new permission granted that comprises the member ID and the granted access code.

Lastly, create a multiple relation from the user table that relates the ‘Row ID’ to ‘Row ID’s’ in the Log table. A user can now access a list of codes using the relation.

Elsewhere in your app you can then play with visibility of components depending on whether the results of the relation contain the desired code or not.

Hope this helps…

So with this set up do you have an upper limit on how many people a group can have?

Simon’s method works. I’ve done this before too. Before I answer further, is this a public or private pro app?

But is Simon’s method secure?

This table isn’t protected by Row Owners, so the full list of access codes is vulnerable to discovery, right?

I’m not sure that I fully understand the requirements, but I think that I’d be using Integromat in there somewhere. Something like:

• Group Owner creates access code and this is stored in the Group Table (as this table uses Row Owners, only Group Members have access to it)
• Code is shared with new invited member
• New member enters code, and webhook is sent with User ID and Code
• Integromat scans Groups table to find a match for the code. If it finds one, then it adds the user to the group.

I get your question about Private vs Public, because if it’s Private you can leverage Roles and you only need a single column in the Groups table. Otherwise you’re going to have to dynamically add another column for each new user invited (or pre-create a whole stack of columns).

Right…that’s why I’m asking…it’s not secure at the moment…

Private → leverage roles
Public → leverage email row owners

Both solutions require fancy Google Sheet formula to dynamically add these values. I’ve done it before, but it’s triiiiiiccckkky

Yes, the limit is 20 people in a group max

Bingo yes! It’s a public app

@Darren_Murphy I will probably go the webhook route and see how that works… it seems like the only way to keep the user experience simple.

I need to keep the row owners for security and I do prefer the group members in an array to save on rows.

I will go in a corner and twiddle my thumbs for a few days (or more) and come back with an update to let you know how it goes

i would trigger a script to add and set columns…

We already knew that

If it’s a Public Pro app, then you should be able to leverage the Glide API to help eliminate any sync delays between the GSheet and Glide. So instead of Integromat updating the Group table in the GSheet, you could push the change directly back to Glide via the API.

You could even take that a step further. If you maintain a Data Store in Integromat with the Group Table info, then Integromat wouldn’t need to touch the GSheet at all. You could simply do a lookup in the Data Store and push the change straight back via the API. Although, the benefits gained from this might not be worth the extra effort. You’d need to test it, I guess.