Solved: Re: Best way to handle table security settings whe...

1minManager · 12-15-2022 05:11 AM

Quite often I'm controlling Read/Write/Delete table permissions for users with formula's like this.

IFS(
  ANY(Select(Staff[Type],[Login Email]=UserEmail()))="Admin","ALL_CHANGES",
  ANY(Select(Staff[Type],[Login Email]=UserEmail()))="Manager","ADDS_AND_UPDATES",
  ANY(Select(Staff[Type],[Login Email]=UserEmail()))="Instructor","READ_ONLY",
  TRUE,"ALL_CHANGES"
)

Since, when a bot runs, it does so without UserEmail(). But it seems a bit clunky and I'd prefer to be able to specify the permissions the Bot has rather than having this sort of fallback permission level. Since with this, if I get it wrong, the user has full permissions 😫

I've tred UserEmail()="" and ISBLANK(UserEmail()) but the results are not consistant.

Can anyone suggest a better option? Except that I probably should be using Switch() for the above formula 😂

Steve

To allow any bot full access:

IF(
  ("Server" = CONTEXT("Host")),
  "ALL_CHANGES",
  SWITCH(
    ANY(Select(Staff[Type],[Login Email]=UserEmail())),
    "Admin",
      "ALL_CHANGES",
    "Manager",
      "ADDS_AND_UPDATES",
    "Instructor",
      "READ_ONLY",
    "ALL_CHANGES"
  )
)

Scheduled bots are run as the app owner.

View solution in original post

Steve

To allow any bot full access:

IF(
  ("Server" = CONTEXT("Host")),
  "ALL_CHANGES",
  SWITCH(
    ANY(Select(Staff[Type],[Login Email]=UserEmail())),
    "Admin",
      "ALL_CHANGES",
    "Manager",
      "ADDS_AND_UPDATES",
    "Instructor",
      "READ_ONLY",
    "ALL_CHANGES"
  )
)

Scheduled bots are run as the app owner.

1minManager

"Server" = CONTEXT("Host")

thats the bit i was looking for. Thanks @Steve

Best way to handle table security settings when accessed by a Bot