Help request for security filtering

If the team is already filtered in a correct way with a security filter, then it’s something like IN([Company],Team[Company])

@Brent_Meade
You should have user mail column in your form with initial value USERMAIL().

No my team is not filtered. That is the problem I am trying to solve.

How the app actually works… are employees able to use the app or just contractors?

I want only contractors to see their data. The contractor will login to the system. I created a team page. From that page it was simple to filter the record by useremail() asthe team table has a column for email. This view allows the associated employees to show via a ref_row. The problem is when I go to the employee view via the menu, the contractor can see all employees. I want them again to see only their employees. In the employee table there is a relationship between the employee and team using the companyID. I need to filter by the email and companyID of the login contractor on the employee table. I can then use the same expression on the timesheet table.

When you have the security filter with your Team table as USEREMAIL()=[Email], it will filter your table and the result is probably only one record. Then you can filter your Employee table like IN([companyID],Team[ID])

image.png

Did not work. I was expecting it to return only the company where the id is 3.

Side suggestion: Maybe someone could make a good demo application that shows how to make an staffing app combine with different security levels/policies? I see someone else has a similar query:

it suggests there is a absence of documentation and examples over what might be a rather standard set of features used in organization that is using Appsheet for its solutions.

Hmm, this sounds like a interesting challenge. I might take it up later tonight or tomorrow.

1 Like

Add this fresh topic too:

You hit more than 2 birds with 1 stone, so-to-speak…

Please check this sample app how it’s done called “Horizontal Scale” from www.appsheet.com/portfolio/531778

2 Likes

You need to post that in the topic: " Make it disable to certain people"

Thank you it worked.

You’re welcome

@aucforum does this sample app I made do what you were thinking? You’ll need to look under the hood to do pretty much anything.
https://www.appsheet.com/samples/Incident-Reports?appGuidString=62b2764f-f95a-460e-8171-63d486287210

2 Likes

Wow, this is amazing. I never thought all this level of security was possible. Thanks for the eye opener. I will try to apply

1 Like

OR(USEREMAIL()=AppOwner@business.com,USEREMAIL()=table[UserID])

This security filter allows the application owner to read all records, while individual users can only see their own records.

Your expression is invalid.

1 Like

OR(USEREMAIL()=AppOwner@business.com, IN(USEREMAIL(), table[UserID]))

2 Likes

@Bahbus @Steve
Thank you about the correcting.

1 Like