Does setting more complex privacy rules have an impact on site performance and load times?
I know there are two sides to the coin. Having more rules means less data is sent to the browser so in theory should load much faster… But what if the rules are complex?
For example I want to do a nested rule such as Current User → Profile → Organisation → List of Users. This requires retrieving the User, Profile and Organisation table BEFORE the data has even been sent to the browser. I would have assumed that this would result in a delay in fetching /loading the data. Or am I mistaken?
Unless you have a lot of fields, which are very data heavy (like a bunch of text types each containing very long strings), then I’m not sure how substantial the impact would be–even if you are displaying a rg with a bunch of rows. That may not be true in certain areas of the world though. In other words, the processing outweighs the time to download.
Are you sure the bubble privacy editor would even allow this rule? The dynamic expressions that are allowed in privacy rules editor are much more restricted than what can be accomplished inside the page editor, for example. This is, I’m sure, to prevent users from creating blanket privacy rules which are overly taxing for the back-end to process for every single record.
You can put the privacy permissions right inside the user record (or as close to the user as possible). Sometimes this means storing ‘view privileges’ data in multiple places. If I’m understanding your architecture correctly, your user can have their ‘data view privileges’ and perhaps their organization has a template of ‘data view privileges’ which any new user attached to that organization gets written to their user record when they sign up. There are some situations where you might have to keep track of the logic to update the privileges inside the user if they were to, for example, change organizations and need to update the privileges stored in their record to match the new organization’s privileges.
