Hi. I am working on an app that needs to allow main users to give (limited) access to additional users to the main user’s datasets (for adding data and editing purposes).
Essentially, the idea is that the additional user can complete a form. On submission of the form, the main user is notified to review the data and approve or reject it. If it is approved, the form data moves to the main user’s dataset and can be viewed by both the main user and additional user in their accounts.
At this point I’ve set it up so that a main user can create a new account for an additional user (which gives them their username and new password) but I have no idea how to connect the additional user to the main user’s data. Is there a way to do this?
I am assuming the main user’s data is in another data type (lets say User Data). One way to approach this is to add a field to the User Data: a list of Users called Access Granted To.
Obviously, the main user will be in this list for a specific User Data instance. Then, whenever another user is granted access to, it will be added to this list as well.
Finally, a current user will see the User Data things that he/she is on the Access Granted To list.
Well I got part of the way there. I’m stuck on the last step. The problem now is linking the added user to the main user’s data. I think this might be a privacy rule issue but I can’t figure it out. How do I link the new user (“current user” when logged in) to the main user who signed them up?
I guess it depends on how you are inviting a user to be in this list? Technically, you can really create an invitation to a target user, and he/she can add themselves to this list when they accept an invitation, so it wouldn’t be a privacy issue technically.
Right now I have it set up so that when they submit their email address it runs the “create account for someone else” workflow and I’ve added “grant access to” add current user. This adds the main user to the new user’s User dataset. But I’d have to add “grant access to” fields to all of my datasets and set it up so that the main user is added to all of those datasets when a new user account is created. This seems weird.
Is there not a way to set it up so that the new user can only see the main user’s datasets? Or am I dreaming?
Another approach would be adding a column to the User data type something like Data Account of type User. And, when you are creating the new user, you will set this field of the new user to be the main user. Then, when the new user logged in, they can have access to Current User's Data Account's User Data (following the convention in my original message, assuming the data is in a data type called User Data).
Figured it out thanks! Essentially I created a “master user” field in the User dataset and when I create the new user account for someone else it adds the current user to the “master user” field. Then I just have conditions and a privacy rule in place that only allows additional users to see “current user’s master user” data. Thanks for the help and ideas!