Hi - I’m reviewing Bubble with a view to using it to make a SaaS version of a legacy app. I have a question as follows:
TLDR: How to make Role-Based Security at the row level in Bubble.io
- Users work in teams.
- A user might be assigned to a team and later de-assigned. This would cover a period of volume stress.
- Users create transactions - think of an insurance claim.
- When the transaction is created it is associated to one of the teams that the creating user is attached to. Think of teams like Northern, Southern, Western, etc.
- The transactions must be accessible by any member of the team associated. So a transaction associated to the Northern team can only be accessed by a user who is a current member of that team. Think of a team of clerks at a call centre - any clerk (user) can update a transaction linked to their team.
This is the Role-Based Security pattern. I know Bubble has its own layer of data access security, however the difference here is that access must be via the user being a member of a list that changes frequently AND that list must be managed via the app UI, not by app design admin.
If I were doing this in a SQL RDBMS I would have tables
transaction(transid, title, teamid,…)
then my query would be
select * from transaction where transaction .teamid in
(select teamid from teamMember where userid = currentUserId)
How would I do this with Bubble?
Thanks in advance