I’m trying to setup a permission system within my app. I have something called "Company Permission Level.
Currently it has 4 levels; Owner, Admin, Lead, Basic. I have it setup as an option set with an extra ‘Level’ attribute set as a ‘Number’ type. Assigned with the levels 0, 1, 2, 3 accordingly See screenshot below.
I’m creating a list essentially and I want to setup a constant in a search where, if the current user’s permission level is 2 or a smaller value, then show the results accordingly.
But I can only do a constant such as company_level > Admin, which honestly I don’t even know what it’s gonna attempt to do as I haven’t populated my database with this test.
I’d like to do something like company_level.level < 2
Is this the same thing? or is it based on the less and greater than apply to sorting order…
If that’s the case I guess, could still work with that. But it’d be nice to know how to do the number’s constraint as well
See screenshot below for more context.
Hi there, @Alan_x_n… to create the constraint you described, you would have to use an advanced filter like this.
If you haven’t used an advanced filter before, be aware that the filtering takes place on the client (browser) side. So, the search is going to return all of the relevant items to the client, and then the filter will be applied.
Hope this helps.
I appreciate the note @mikeloc about the client side filtering. Never new about the ‘advanced’ filter before, it’ll surely come handy. Would you happen to know how to do the server side search/filter? For security purposes, it’d be better if that were possible.
It’s funny but I had never tried using an operator like greater than in a constraint related to an option set, and I glossed right over that part of your initial post. I just did a quick test, and it appears to get all of the options that are greater than the specified option when all of the options are sorted alphabetically. So, no, it’s not the same as what you are trying to accomplish.
If you want to move the check for the level to the server, you could consider storing the option’s level in a field on the company user profile. Some folks dislike suggestions like that one, but I am never opposed to adding an extra field here and there if it gets the job done.
Haha, thanks for doing that test. I guess if I really wanted to make it work the way I want with option sets, renaming the display name to make it work alphabetically might actually be a decent work around.
Worse comes to worse, If later, I found out it’s not a sustainable solution, I’ll probably opt to storing it as a field.
@Alan_x_n This might be worth a shot as a Search constraint (not advanced filter but regular search constraint)
company_permission_level is in All Company Permission level:filtered, then inside that filter do
This Company Permission Level's Level > 2
Not sure the performance benefit, maybe @mikeloc knows.
Seems like what described would just do a client-side filter on the list of options, then a server-side search on all your company_user_profiles
vs. your current advanced filter doing a client-side filter on your entire list of company_user_profiles
That works too! @tylerboodman
I’m not totally clear though, are you saying both solutions are client-side filters? and the returned results of company’s of all permission would be sent to the client from the server?
It’s probably about time for me to figure out the developer tools to sift through the client-side data…
I think what I described is faster, the
is in constraint is still server-side meaning it just needs to use a quick advanced filter on the option set then run that server-side search.
Just figured out how to sift through the data on the dev tools…man there’s a lot too look at, and by golly. I better setup the security measures correctly.
From what I can tell, @tylerboodman Your solution works the best, as I don’t believe I see any client-side data that isn’t supposed to be showing.
Great! Too be fair though I don’t think people consider the advanced filter any less secure, if the privacy rules let the data get by then it can be exposed by accident in the future with the wrong server-side constraint still. Speed of course is better with server-side search though which is what I was after
On their Privacy rules doc page they even say:
If you haven’t explicitly created privacy rules for a given thing, then the data is not secure.
So they are deeming it as exposed regardless of a server side or client sider filter
I agree though the less “giant lists of things” downloaded to the client for them to snoop through the better
This topic was automatically closed after 70 days. New replies are no longer allowed.