I’m trying to clean up a bunch of privacy rules, namely things like email addresses and users’ names, which for a lot of us are used in a lot of places.
Is there an easy way to test if a privacy rule is going to break anything without having to meticulously work through every scenario where the field is used?
I’d probably just do a visual inspection of each page in the app.
Generally speaking if the privacy rules aren’t setup correctly, the data won’t show up on the page. Secondly, Bubble will declare an issue if you try and retrieve data for some arbitrary purpose without appropriate authority from the relevant privacy rules.
Hope that helps
It’s more the workflows that are causing me pain!
What do you mean by this statement?
I’ve not seen any warnings like this before, but that sounds like the kind of thing I’m looking for.
Here are a few ways to test privacy rules without manually checking every scenario:
Use the “Run as” feature in the Bubble editor. You can switch to view your app as a different user to see exactly what data they can and cannot access. Go to the preview and click on your profile icon, then “Run as” to simulate different user roles.
Check the Server Logs. When you run your app in debug mode, you can see in the server logs if any data access is being blocked by privacy rules. Look for entries that mention “privacy rule” or “access denied”.
Use the Debugger element inspector. When previewing your app, open the debugger and inspect elements that display data. It will show you if the data source returns empty due to privacy restrictions.
For workflows specifically, you can check if the workflow runs successfully by looking at the server logs. If a workflow fails because it cannot access certain data due to privacy rules, you will see an error there.
Create test users with different roles and log in as each one to verify what data they can see and modify.
The Issue Checker in Bubble editor sometimes warns you if you are trying to access fields that might be restricted by privacy rules.
The warning betteredbritain mentioned appears when you try to reference a field in an expression that is protected by privacy rules - it shows up as an issue in the editor or as a runtime error.
why use ai?
