Is The APP Totally Open Without Any Privacy Settings Set?

I’m finally coming around to my launch of this and stumbled into the next hurdle which is securing it.

How do we secure things like our users or listings or other Things which should be only shown to the User who created that Thing?

I see the privacy settings but don’t know how to set them up clearly yet.

Are they even necessary? I assumed that in order to view the content they would need to be logged in, and if they’re logged in they get to see one set of navigation buttons and links but if they aren’t logged in their booted to index and see a different set of navigation links. ?

Yes they are necessary (as indicated in the Editor). What you’re describing will protect workflows, making sure that if someone isn’t logged in a workflow can’t get run, but if you don’t set privacy settings, someone who is hacker-minded (but not a hacker master, it’s not too hard…) can read things in your app database. While if you set up privacy rules, we enforce these rules on the server, which makes things much safer.

1 Like

Is this the correct way to go about this?

I’m trying to limit the access to the Message Thread (or message) to only the parties who are participating:

What happens if you miss-set one of these?

It will simply be blank on the application where that element should have been?

Yes that looks good, but I’m not familiar with your app.

If this is not set right, you have 2 situations:

  • you give too much rights to too many people, they’ll be able to see results that they shouldn’t.
  • on the other hand they will just see empty search results, or some fields will be hidden (depending on your settings).
1 Like

Ok, and correct me If i’m wrong but the only way to test is to act as someone else by creating mutliple user accounts correct? There is no 'view AS…"?

Yes, you should create different accounts.

1 Like

What can and cannot be done by these potential hackers if they do access something?

Can they edit other users profiles?

Or only view other Things that may or may not belong to them?

If it’s not sensitive and cannot be changed by the person then I assume we can simply leave it open? Or is this strictly not advised?

I get the basis for security with sensitive information such as financial information where it shouldn’t be viewable by others, but if they can’t edit or change or do anything with the information and only view, then I think in this app I can skip this all together.

No, editing data happens only through workflows. But it’s for reading.

Let us know if this message isn’t explicit enough… It says clearly “see”, not “modify”.

Just a heads up – you haven’t created any privacy rules for your app yet. If all the data your users submit should be public, you’re all good. If they are uploading private data, use privacy rules (see Data -> Privacy) to make sure that data access is limited to people who should be able to see it.
Important: until you set privacy rules to let Bubble know what data should be visible to whom, anyone with some programming or hacking skills can view all of the app data, even if there isn’t a page in your app that explicitly shows it to them.

1 Like

Got it.

So in this case without setting privacy someone with knowledge would be able to download an entire user list and access all their emails and such from the DB?

Yes, as explained in the notification

Got it. I assumed that Users would be defaulted to private. But I’ll manage to set these settings I’m sure.

Are these the correct settings to restrict certain fields from view from all other users? I’ve unchecked 4 fields that relate to the users Payout Information (this is a marketplace app)

I’m nervous I’m not doing this right!! :slight_smile:

If we restrict access here under User, does this automatically restrict ALL “created by” permissions in all other Things so that they won’t be able to access the user you created that things email? I am trying to protect my users and email list.

1 Like

Removed: Should have read further down.