Re: How to disable "READ_ONLY" option based on use...

DPP · 09-29-2022 02:51 AM

We have created an app using Google Appsheet which is mostly used within a desktop browser for now. Assume that there are 2-3 roles in the application viz. admin, manager, and executive.

We have some revenue reporting data created in Google Sheets for which we have provided CRUD functionality to the admin role of our app. When the admin user opens the listing page of any revenue reporting data, it creates a unique URL for that page. If I try to open this URL using the manager's or executive user's login, they can see that confidential data.

Is there any workaround for this in Google Appsheet to achieve URL-level protection? Any suggestion to improve the design of the app so that it can be scalable for more user roles in the future?

nphuoctuan

I remember there were instructions on this here. I followed suit and made some adjustments.

And use the Lookup() expression to get the login email address and corresponding permissions. You also need to create a permission table to use with the above Lookup() expression

DPP

Thanks for replying nphuoctuan.

We've done that already. but we also want to remove READ_ONLY permission to one of our roles.

As mentioned in the original post, any user having "default page url" can access the page even if he doesn't have permission. Whereas we want to restrict him from seeing that default page as well.

Steve

Limit users to their own data - AppSheet Help

Limit users to particular tables, views, and actions - AppSheet Help

How to disable "READ_ONLY" option based on user role in Google Appsheet