Restricted Records

If you're a new user of AppGini, feel free to ask general usage questions, or look for answers here.
Post Reply
TheNoLifer
Veteran Member
Posts: 67
Joined: 2015-06-06 12:10

Restricted Records

Post by TheNoLifer » 2016-04-04 20:47

All,

My app is up and working (http://ada.abernyte.org) but I have a new requirement - a pretty big one. I've searched the forum and am not sure I can find anything relevant.

By default, all records on all tables are publicly viewable, but now I've got the requirement to make certain records on X tables to only be readable by a certain group of users. Is such row-level security possible?

We'd like to keep all our records public, but have the ability to set any of them to "private" via DB flag/whatever process, which would then only show them to a certain group of users.

Anyone have any ideas?

Many thanks!

A.

User avatar
shasta59
AppGini Super Hero
AppGini Super Hero
Posts: 231
Joined: 2013-01-08 19:40
Location: Calgary, Alberta, Canada

Re: Restricted Records

Post by shasta59 » 2016-04-04 23:24

What version are you using?

And it is really easy to do. Go into admin and set what the group can see. If that does not work then you can code it elsewhere to limit who sees what.

If you want to set it by a flag that is very very easy then. You can code it to look at the flag and not display that record if the flag is set.

Basically you would use an if then type statement to check.

Alan
Calgary, Alberta, Canada - Using Appgini 5.50 -

TheNoLifer
Veteran Member
Posts: 67
Joined: 2015-06-06 12:10

Re: Restricted Records

Post by TheNoLifer » 2016-04-05 00:20

Hi Alan, thanks for the quick reply! I'm just re-building using latest version as we speak. The prod site is one version behind current. I try to keep it up to date!

I've checked out the admin area - we need to offer more granularity than it provides, I think.

I like the flag method - we'd have a dropdown (or similar) "Private" field on each table with either Y or N as possible values, and would somehow - that's the bit I'm missing - interrogate this prior to displaying the records - e.g.

IF private_field = N THEN cool - ignore this code/show all records
IF private_field = Y AND logged_in_group = Anonymous THEN don't show records.
IF private_field = Y AND logged_in_group = executive THEN show records.

Problem is - where on earth would you even start to add this code? Any ideas?

Thanks!

eagle
Veteran Member
Posts: 39
Joined: 2013-01-09 15:38

Re: Restricted Records

Post by eagle » 2016-04-05 09:34

I would guess that all of this is already built in and could be utilised by modifying the group / membership system.

Have you looked at Admin area > Members > View members records?

You could add group ownership to any single record and adjust visibility of that record in the Groups section.

Have not tested myself, though.

TheNoLifer
Veteran Member
Posts: 67
Joined: 2015-06-06 12:10

Re: Restricted Records

Post by TheNoLifer » 2016-04-05 19:01

Thanks for the thoughts - pretty sure it can't be done in the existing admin system, with my setup.

If I assigned all the records to the anonymous/guest user and set their group visibility to "group" only - so they only saw records in their group, then when I wanted to hide a record, set it's ownership to something else - another group - that might work. Will need to test.

Feels odd though, assigning all records to the anonymous group/user.

Post Reply