Can someone explain to me what the privacy roles do? Can my database be accessed by something other than the workflows I have built into the system? Is my data not really safe unless I use this feature somehow?
Thanks in advance.
Yes - security roles are important, please use them!
When you add a search on a Bubble page, we do the search from the user's web browser… it sends a message to the server saying "Hey, get me all users that are …" Security roles are the tool we use to know what data the current user is allowed to ask for. This is important because someone trying to abuse your site could send a message asking for data that they shouldn't be allowed to see; security roles are what lets us say, "hey! not legitimate! you don't get to see that!"
As well as protecting against deliberately malicious users, they're useful in protecting yourself from accidental data leaks. It's very easy to accidentally design a search that returns more than it's supposed to return - when you're doing a lot of work on a Bubble app, mistakes happen! With good security roles in place, you don't have to go through every one of your searches and add a constraint, "only return users who the current user is allowed to see"… you just set up the appropriate privacy roles, and Bubble will automatically tack that condition on to each one of your searches behind the scenes without you having to manually do it on every single search. So it saves a lot of work, and makes it harder to make mistakes.
In terms of users modifying data, security rules aren't quite as important, because workflows that actually change data run on our servers, not in the user's web browser, so it's harder for a bad user to send a message telling us to change data without actually running the workflow. But again, restricting what data the user is allowed to see can help prevent accidentally creating a workflow that lets the user change stuff they aren't supposed to.
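A small model of the behaviour described in the answer above, added here as an illustration; it is not part of the original thread and not Bubble's code. The `User` fields, the same-team rule and all function names are assumptions. It shows the server treating search constraints from the browser as untrusted and attaching the privacy rule to every search.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class User:
    id: int
    email: str
    team: str

# Constructed sample rows standing in for an app's User table.
USERS = [
    User(1, "ana@example.com", "red"),
    User(2, "bo@example.com", "red"),
    User(3, "cy@example.com", "blue"),
]
SEARCHABLE = {"id", "email", "team"}  # fields a search may filter on

def privacy_rule(viewer, row):
    # Hypothetical rule: a logged-in viewer may see users on their own team only.
    return viewer is not None and row.team == viewer.team

def matches(row, constraints):
    # Constraints arrive from the browser, so reject anything unexpected.
    unknown = set(constraints) - SEARCHABLE
    if unknown:
        raise ValueError(f"unsupported search fields: {sorted(unknown)}")
    return all(getattr(row, f) == v for f, v in constraints.items())

def search_without_rules(constraints):
    # No privacy rule: whatever the request asks for is returned.
    return [r for r in USERS if matches(r, constraints)]

def search_with_rules(viewer, constraints):
    # The rule is added server-side to every search, whatever the
    # request contains, so a broad or mistaken search cannot widen it.
    return [r for r in USERS
            if privacy_rule(viewer, r) and matches(r, constraints)]

if __name__ == "__main__":
    ana = USERS[0]
    print("no rules, empty search:  ", [u.id for u in search_without_rules({})])
    print("rules, empty search:     ", [u.id for u in search_with_rules(ana, {})])
    print("rules, asks for blue team:", [u.id for u in search_with_rules(ana, {"team": "blue"})])
    print("rules, not logged in:    ", [u.id for u in search_with_rules(None, {})])
```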
Thank you for the information, this was very helpful!
So could a malicious user run a search using their own parameters or is this just to protect data that is pulled using no constraints, ex. "Search for Users" and then just displaying the data that you want to show, but knowing that someone could access it all if you do it that way?