This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Security filter for using 4 different roles, each one with a higher security than the other

Posted on 06-16-2021 07:21 AM
AaronTerry
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

Hey there, I’m attempting to build a rental management app that’s not only for Admin and Managers but for Clients and Tenants as well.

  • Admins should see everything.
  • Managers should see rentals, clients and tenants.
  • Clients should see their rentals and tenants.

I grabbed this formula from a timecard demo and it worked but I don’t think it’s the final solution.

IFS(
      ANY(CURRENT_USER[ROLE]) = 'ADMIN',
      TRUE,
      ANY(CURRENT_USER[ROLE]) = 'MANAGER',
      OR(
           [USER] = USEREMAIL(),
           AND(
                   [USER].[REGION] = ANY(CURRENT_USER[REGION]),
                   [USER].[ROLE] = 'CLIENT'
                   AND(
                           [USER].[REGION] = ANY(CURRENT_USER[REGION]),
                           [USER].[ROLE] = 'TENANT'
                            )
                     )
              ),
TRUE,
[USER] = USEREMAIL()
)

In a perfect scenario, I wouldn’t need the User, Role or Region in EVERY data table because the system would verify the UserEmail matches the address attached to the UserEmail of the Users Data table. I can’t for the life of me figure out how to write the formula to reference the ‘Users’ Data Table even after creating a Current_User slice sourced from that data. Any help and direction is appreciated!

Solved Solved
0 5 284
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
Steve
Platinum 4
Platinum 4
In response to AaronTerry
Reply posted on --/--/---- --:-- AM

From what I’ve been able to glean from your screenshots (thank you!), you might try this as the security filter for the Rentals table:

OR(
  IN("Admin", Current_User[Role]),
  AND(
    IN("Manager", Current_User[Role]),
    IN([Region], Current_User[Region])
  ),
  AND(
    IN("Client", Current_User[Role]),
    IN([Client Email], Current_User[User])
  ),
  AND(
    IN("Tenant", Current_User[Role]),
    IN([Tenant Email], Current_User[User])
  )
)

An app user with the Admin role sees all Rentals.

A user with the Manager role sees Rentals that have the user’s same Region.

A user with the Client role (I’m guessing these are property owners?) sees Rentals that have the user’s email address as the rental’s Client Email.

A user with the Tenant role sees Rentals that have the user’s email address as the rental’s Tenant Email.

View solution in original post

Jump to Solution
5 REPLIES 5

Posted on --/--/---- --:-- AM
Steve
Platinum 4
Platinum 4
Reply posted on --/--/---- --:-- AM

Please post a screenshot of the columns (from Data >> Columns in the app editor) for the table you’re building the security filter for,

Please also post a screenshot of the columns for the Users table,

Jump to Solution

Posted on --/--/---- --:-- AM
AaronTerry
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

3X_9_2_922f5202443b1a6814585000cc156d92bcb50944.png

Is this what you’re looking for? I’d like to apply a filter to my Users data table so only i and maybe managers can update it while in the field. I’d like to show rental information to only those whose Current_User matches the User’s address in the Users data table.

Right now I have User, Role and Region in the Rentals table and I can already see how that forces me to create multiple inputs of the same property address each with the appropriate labels but I’d rather not create multiples if I don’t have to. Thanks, Steve for your help!

Jump to Solution

Posted on --/--/---- --:-- AM
Steve
Platinum 4
Platinum 4
In response to AaronTerry
Reply posted on --/--/---- --:-- AM

From what I’ve been able to glean from your screenshots (thank you!), you might try this as the security filter for the Rentals table:

OR(
  IN("Admin", Current_User[Role]),
  AND(
    IN("Manager", Current_User[Role]),
    IN([Region], Current_User[Region])
  ),
  AND(
    IN("Client", Current_User[Role]),
    IN([Client Email], Current_User[User])
  ),
  AND(
    IN("Tenant", Current_User[Role]),
    IN([Tenant Email], Current_User[User])
  )
)

An app user with the Admin role sees all Rentals.

A user with the Manager role sees Rentals that have the user’s same Region.

A user with the Client role (I’m guessing these are property owners?) sees Rentals that have the user’s email address as the rental’s Client Email.

A user with the Tenant role sees Rentals that have the user’s email address as the rental’s Tenant Email.

Jump to Solution

Posted on --/--/---- --:-- AM
AaronTerry
Bronze 5
Bronze 5
In response to Steve
Reply posted on --/--/---- --:-- AM

Leave it to Steve! haha

Thank you so much, I can rest easy tonight.

Jump to Solution

Posted on --/--/---- --:-- AM
AaronTerry
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

3X_7_0_7074255ca1682c5f2582e008164c91f37f742e94.png

Here’s the Users data table I’m trying to reference. I have a Slice created called Current_User with the formual USEREMAIL() = [User] as per your demo videos and its referencing the Users data table to pull info.

Jump to Solution
Top Labels in this Space