Hi All,

I have a business app that was built in AppSheet. I am currently looking to distribute the app and now need to consider the best way to implement security filters into the app.

The app is rather extensive, and so I plan to break it down, creating a launcher, and splitting the app into several 'Modules'.

Each user will have access to different Modules, and access within the module would also be varied. For example, a single Projects module would be available for our project management 3 teams, but only each team would be able to view their own projects. Furthermore, each team would have Production users than can View only projects that have a status of 'Production' and not have any access to the project price value fields, while our team sales managers would have access to Add, View, Edit and Delete the teams projects, and all fields.

This will be a fairly granular control, but I'm hoping this can be done with AppSheet.

My question now is based mostly on, How? I'm unsure on the best way to implement this, however, I did consider two options:

Option 1 - A Users table, which contains an EnumList for each app available, and options for each app, where multiple options could be selected to control user access.

Option 2 - A Users, Roles and User Roles tables, where Roles and users are created, multiple Roles are linked to Users in a bridging User Roles table. One Role per entry.

I do have a sample App I have created, with both options in place, if someone could explain how I can make this publicly available, I can share a link to it here.

I have attached a screenshot below, of an example however, Option 1, which I feel might be the most practical.

I'm looking for any practical feedback, solutions and options from people that have experience in implementing advanced user permission systems that are rather granular.

Thanks for your time.