Security Filter Unique Branch

Hi Guys

I want to change my Security Filter:

OR([Salesperson]=USEREMAIL(),USEREMAIL()=“ImTheAdmin@gmail.com”)

In all tables is a column [Branch] which a unique Branch Name is generated by all tables with a default value.

I only want a user to see data relating to his own Branch.

Would my security filter be:

OR([Branch]=[Branch],USEREMAIL()=“ImTheAdmin@gmail.com”)

Better:

IN(USEREMAIL(), LIST([Salesperson], “ImTheAdmin@gmail.com”))

How does the app know with which branch a particular salesperson is associated?

Thats a point Steve.
The filter:
OR([Salesperson]=USEREMAIL(),USEREMAIL()=“ImTheAdmin@gmail.com”)

Will only allow the user to see their own data and the second part ‘ImTheAdmin@’ which is me gives me access to everyones data.

[Branch] Is recorded in all tables, ie MMVR or STOKE and that is generated by using DEFAULT VALUE in every row.

Ideally the user can see all rows specific to his branch regardless of users with different email addresses. Pretty much like a domain…

So thats where I’m stuck?

How does the app know with which branch a particular salesperson is associated?

Hmm, thinking rationally it can’t know unless I specifically name the branch in the filter:

OR([Branch]=“MMVR”,USEREMAIL()=“ImTheAdmin@gmail.com”)

OR([Branch]=“STOKE”,USEREMAIL()=“ImTheAdmin@gmail.com”)

Is that the recommended way?

The app can only work with the information available to it. If there’s no way to tie the current user (via USEREMAIL()) to a branch identifier, there’s no way for the app to determine which branch the user is associated with, and therefore no way to determine whether any given row should be displayed to the user.

An alternative is to allow the user to identify their branch with a user setting, but that would also allow them to change their branch, which might give them access to information they shouldn’t have.

See also:

1 Like

There is an Admin View which holds all the Branches which only I can see using a SHOW_IF with a filter of: USEREMAIL()=“ImTheAdmin@gmail.com”

I think I forgot to say I have a Master App and copy that for each branch who want to use the app. In each app the Column [Branch] has to be changed before I allow that branch to have access. So if I had a new branch say “LONGTON” I would change the INITIAL VALUE for [Branch] to “LONGTON”

image

image

Plus [Branch] is hidden from every view so the user doesn’t even know it is recorded.

Please post a screenshot of the column list from Data >> Columns in the app editor for the table to which you want to apply this security filter.

[BRANCH] = “Wrexham”

or

[BRANCH] = “MMVR”

OR([Branch]=“Wrexham”,USEREMAIL()=“ImTheAdmin@gmail.com”)

1 Like

Ah, okay. You’ll need to hard-code the branch identifier in the slice row filter expression, just as you’ve hard-coded the value in the column configuration, as you suggested above. E.g.:

OR([Branch]=“MMVR”,USEREMAIL()=“ImTheAdmin@gmail.com”)
1 Like

Thanks Steve, really appreciate the assistance.

1 Like