Does privacy rule regulate deletion?

Hi,

Just wondering today what privacy rule regulates a thing deletion from a backend workflow ?

For the example I’ve set a basic example of a User and Projects. User contains has a list of Projects.

Context :
the backend workflow is set so it does NOT run without authentication and does NOT bypass privacy rules
image

Which of the settings from the privacy rule should I play with in order to allow or not allow the deletion of a Project ?

Or :scream: can one only delete something he is the creator of? (the default data field “Created by”)

Best to you

Privacy rules are basically protect your data depends on your rule. If the rule doesn’t match, the data never comes from the server. The idea behing the functionality you want is totally different. You need to add a Role field to User object. At this point you can check the role and run if the user is admin > delete or if user is not admin > show popup - alert or hide delete icon etc.

1 Like

Yeah ok, so we need to create the whole logic :+1:

I believe that would be nice to be able to set these authorizations on the front actions like “create a thing” or “delete a thing”.

That would prevent evil smart geniuses to theoritically populate our entire database with crap by creating tons of things.

This topic was automatically closed after 70 days. New replies are no longer allowed.