Database structure for users managing clients

I’m building out functionality for financial professionals to view and manage their client’s data within my app. I don’t want to add a “list of clients” field to the user since this can grow to hundreds (if not thousands) of users. The issue is, I have around 8 different data types I’m planning to allow these professionals to view. Since I can’t add privacy rules based on X’s Y’s field, would the only other solution be to link these professionals to each separate data type? Or is there a better way to set this up?

Hi Matt, you can create:

  1. Option Set for user type
  2. Option Set for app features/data type
  3. Add an attribute to user type OS with a list of app features/data types allowed
    In this way you can create simple privacy rules based on current user’s type app features/data types.
    This logics also works for the app reusables and/or pages to be loaded only if current user’s type features are compatible with this reusable or page.
  4. Option Set for Navigation with all menu options and add an attribute to this navigation option with a list of allowed user types and display the menu options according to the current user’s type

Hey Pedro, I’ve set up an option set for user types, but the issue is I only want that user type to be able to see their own client’s data for each data type. I’m having trouble coming up with a way to set up the privacy rules for this situation without linking each data type to the financial professional or adding a list of clients to the user. Let me know if I’m missing something here.

You don’t need to add user client’s list on his register, just reference the related user in the client’s data type and filter by it.

I’m not on my laptop now but I can reproduce it tomorrow and send to you if you don’t figure out how to do it

I understand that part, I’m only concerned with the privacy rules to ensure the client’s data is secure. If you have guidance on how to set up the privacy rules for each data type in this situation that would be appreciated!

Just off the top of my head for privacy rules…

You could have a field on the client that’s called “advisor” of data type User. This is where you’d list the financial professional and it not be a list.

Under privacy rules you could have When This User's Advisor doesn't contain Current User

The user data type is all good on privacy rules. I’m trying to figure out how to allow the financial professional to view the other data types associated with their clients (tasks, activities, accounts, messages, etc). I’m trying to avoid adding these fields to the user since most of them can get really long. It sounds like the only way to do this would be to have a separate field for the user on each data type?

Yep same concept.

There should be a user field on each of those data types (tasks, activities, etc) and if financial professional is on that Thing’s user (ex: This Task's Creator's Financial Professional is Current User or This Task's Client's Financial Professional is Current User) it will ensure only that financial professional can access the info.

That’s for privacy since you said…

Privacy rules can be added to data types other than just the User data type.

As for being able to pull it up on page or in a repeating group, again, there should be a user field on each of those data types (tasks, activities, etc) which is usually ‘Created by’ depending on how you have it set up.

When the financial professional loads the page that contains the info for that client you can display that data by using Do a search for Tasks where Created by is Client.

Sorry if I’m misunderstanding, but I believe that’s where I’m having the issue.

“Rules that use “This Task’s X’s Y” can’t grant search access right now”.

If I do something like this Task’s Related User’s Financial Professional, the financial professional isn’t able to see that task on their side since the privacy rule prevents it from being searched. Would I need to add a financial professional field to each separate data type?

That’s what I was trying to avoid (if possible) since it complicates my workflows. I was trying to see if there was a better solution than that. I’m also trying to avoid adding a list of clients on the user since that list can get long.

Ooooh ok now I’m picking up what you’re putting down. I see privacy rules can’t search a Thing’s Thing.

So for User privacy, I'd simply do: When `This User's CFP is Current User` they can view and search. And I'd load page data based on User.

Dropdown for selecting clients or want to load a repeating group (RG) with a list of clients? Then Do a Search for Userwhere CFP is Current User. This will make sure the list only contains that CFPs clients. Once you have the client you can then search/access the other data types (tasks, activities, etc) Do a Search for Taskswhere Creator is Current Cell's User or Do a Search for Taskswhere Client is Current Cell's User

Let me know if that gets you where you’re trying to go in your app.

The privacy rules I’m having trouble with are for the other data types (tasks, accounts, etc.). I’m trying to create a dashboard page for the financial professional where they can see a list of all of their clients’ tasks (and other data types), but to also make sure the privacy rules are set up so that only the client and their financial professional can view them.

I’m assuming I’d have to either add a list of clients to the financial professional or add the professional to each data type (tasks, accounts, etc.). Let me know if there’s an easier way to accomplish this.