How is the logic of application regarding client-side and server-side?
If I create a logic to show/hide an input, this is client-side and rendered on the browser.
In the same way, if I manage the click-ability of a button, I guess this is managed on the browser.
But, is it possible to overhaul this logic operating with an inspector of the browser?
When I create a when-condition on a workflow, is this managed server-side?
Which is the best approach to secure undesired action by the user?
The best way to secure your app data is through Privacy Rules. Even if you show/hide stuff using conditions you should still secure them through Privacy Rules. Here’s a nice guide on that by Bubble.
Thanks, it’s clear now! I am struggling with the inherited fields containing data types.
I would like to create a privacy rule based on the “company” (as data type) because my app will be multi-company. If I want to state a privacy rule based on this, I understood I have to add a field in the company data type listing the users. In this way, I can use “company” to decide which user can see e.g. an order based on which company the user is part.
I tried another approach, adding a data type field in users data type. In this way, I can’t set completely the privacy rules.
Am I in the right direction?
