Security Filter Unique Branch

Dave_Willett · 07-29-2020 10:45 AM

Hi Guys

I want to change my Security Filter:

OR([Salesperson]=USEREMAIL(),USEREMAIL()=“ImTheAdmin@gmail.com”)

In all tables is a column [Branch] which a unique Branch Name is generated by all tables with a default value.

I only want a user to see data relating to his own Branch.

Would my security filter be:

OR([Branch]=[Branch],USEREMAIL()=“ImTheAdmin@gmail.com”)

Steve

Better:

IN(USEREMAIL(), LIST([Salesperson], “ImTheAdmin@gmail.com”))

How does the app know with which branch a particular salesperson is associated?

Dave_Willett

Thats a point Steve.
The filter:
OR([Salesperson]=USEREMAIL(),USEREMAIL()=“ImTheAdmin@gmail.com”)

Will only allow the user to see their own data and the second part ‘ImTheAdmin@’ which is me gives me access to everyones data.

[Branch] Is recorded in all tables, ie MMVR or STOKE and that is generated by using DEFAULT VALUE in every row.

Ideally the user can see all rows specific to his branch regardless of users with different email addresses. Pretty much like a domain…

So thats where I’m stuck?

Steve

How does the app know with which branch a particular salesperson is associated?

Dave_Willett

Hmm, thinking rationally it can’t know unless I specifically name the branch in the filter:

OR([Branch]=“MMVR”,USEREMAIL()=“ImTheAdmin@gmail.com”)

OR([Branch]=“STOKE”,USEREMAIL()=“ImTheAdmin@gmail.com”)

Is that the recommended way?

Steve

The app can only work with the information available to it. If there’s no way to tie the current user (via USEREMAIL()) to a branch identifier, there’s no way for the app to determine which branch the user is associated with, and therefore no way to determine whether any given row should be displayed to the user.

An alternative is to allow the user to identify their branch with a user setting, but that would also allow them to change their branch, which might give them access to information they shouldn’t have.

See also:

Dave_Willett

There is an Admin View which holds all the Branches which only I can see using a SHOW_IF with a filter of: USEREMAIL()=“ImTheAdmin@gmail.com”

I think I forgot to say I have a Master App and copy that for each branch who want to use the app. In each app the Column [Branch] has to be changed before I allow that branch to have access. So if I had a new branch say “LONGTON” I would change the INITIAL VALUE for [Branch] to “LONGTON”

Plus [Branch] is hidden from every view so the user doesn’t even know it is recorded.

Steve

Please post a screenshot of the column list from Data >> Columns in the app editor for the table to which you want to apply this security filter.

Dave_Willett

[BRANCH] = “Wrexham”

or

[BRANCH] = “MMVR”

OR([Branch]=“Wrexham”,USEREMAIL()=“ImTheAdmin@gmail.com”)

Steve

Ah, okay. You’ll need to hard-code the branch identifier in the slice row filter expression, just as you’ve hard-coded the value in the column configuration, as you suggested above. E.g.:

OR([Branch]=“MMVR”,USEREMAIL()=“ImTheAdmin@gmail.com”)

Dave_Willett

Thanks Steve, really appreciate the assistance.