How to handle complex custom permission roles with privacy rules?

Hello,

I’ve been fiddling around for a while now trying to figure out what’s the best way to handle data pulls securely and I’d like to know if the solution I’m heading towards is the only way to go about it.

The example scenario is the following.

It’s a business management app with the following features …‘expense tracking’, ‘time-clock’, ‘hr management’.

A user can create a ‘Corporation’, they then can create multiple ‘locations’.
Employee A has been added as part of the Corporation with Corporation Permission Role ‘Manager’
Employee B has been added as part of a Location with Location Permission Role ‘Manager’
Employee C has been added as part of a location with Location Permission Role ‘Supervisor’
Employee D has been added as part of a location with Location Permission Role ‘User’

These are customizable permission roles that the owner can create. Basically each ‘feature’ is has the option of being assigned edit or view privilege depending on the permission role

Now as far as I can tell…this setup won’t really interact with Privacy Rules in any meaningful way. I understand typically there’s a Permission Field of a user and it’s simple set to ‘User’ or ‘Admin’ and that can generally allow that user to see everything or not.

In this case, I’m realizing the only data I can really wall off with Privacy rules is data from non-related companies to the current user or other user data. and then after-the-fact, i need to use conditions based on the role permissions assigned the user to pull up custom ‘Searches’ for my repeating groups and whatnot.

Is this correct and the only way to go about it? Conditional Custom ‘Searches’ for Security?

I just want to make sure I’m using Privacy Rule’s to it’s maximum ability.


Thanks for hanging on for the long convoluted read.

This topic was automatically closed after 70 days. New replies are no longer allowed.