Help with Security FIltering Expression

mykrobinson · 02-23-2023 12:00 PM

Just talking out loud, i may figure this out myself after reading this post a few times. Typing out it this way and getting it outside of AppSheet sometimes helps with processing the words (got a lil' reading trouble at times due to dyslexia)

For the new employee directory app i am building, i would like for people to be able to see all the employee records but only edit an existing record if either the value of USEREMAIL() is equal to the value of [Email] on the currently viewed employee record, OR if the user in question has a value of TRUE in either the [HR] or [Admin] column for their entry in the Employees table.

So my assumption is that i need to craft an expression at the table level for these restrictions. All users can add, but a user can only edit their own unless they are HR or Admin

I have some show_if expressions for certain fields, and those were pretty easy to craft, but the security filtering at the table level is currently giving me a slight headache. For reference, here is one of my show_if expressions at a column level

LOOKUP(USEREMAIL(), "employees", "Work Email","HR")="True"

Thanks

Marc_Dillon

Nope.

First of all, table access mode and Security Filters are different things entirely. The former affects crud access, the latter just affects which records are loaded into the app.

Second, access mode affects the entire table/slice at once, not individual records.

You can hide or show the edit button on individual records. Or you can set edit_if expression for each column. Or you can specify Slices to hold the editable records, vs the read-only records, and specify the access mode at the Slice level.