Privacy rule advice freelance help!

I started using Bubble this November and building my app has gone pretty smooth until now. Im building a job board app where employers can advertise job openings and candidates apply. I have almost completed all functionality and have now started with privacy rules and Im really stuck. Cant seem to find in depth information of how to structure the privacy rules. Hope anyone can help out with advice to solve this problem or direct me to something relevant to read:

  • A User can either be Candidate or Not Candidate. Which mean that both candidates and HR-staff are in same User table.
  • Some Employer are connected to same Mother company
  • A Job posting belongs to an Employer
  • A job posting have a list of applied candidates and possibly one booking request or possibly (candidate) one booking (candidate)

How can I structure a rule which allow a User who works for an Employer (HR-staff) to see candidates only if they have applied, received a booking request or is booked.

Thanks in advance for any advice.

A clarification to the problem. I set up this rule and this issue message seem to come up all the time. Any idea what Im doing wrong?

It seems like you would want to have a list of users who applied for a job with a specific company set up in your database. You could do this in a number of different ways. Imagine though that each “non candidate” is linked to a type called “company”, and each company contains a list of users who have applied for a position with that company (let’s imagine the field is called “applicants”

Then, you could set up something like “Current User’s candidate is “no” AND current users company’s list of applicants contains this user.”

Hope this helps!

1 Like

The red text is telling you that you simply cannot build that expression in Privacy Rules. (The Issue Checker cannot tell you more… It’s just saying, “Please complete a valid expression here.”) Note that Privacy Rule expressions are very limited and are really only valid for things like:

“Current User is this Thing’s Creator”

Privacy Rules are essentially about ownership/“creator-ship” of the object (if you will) and cannot be complex.

1 Like

@mario5 Setting up Privacy rules can be pretty hard. To make it easier for you write down on a piece of paper what information needs to be protected.

For example:

  • I need to only allow Applicants and Employers to see Job applications and nobody else

Privacy rules would be:

  • Current User isn’t logged in > Uncheck everything appropriate
  • This Job Application’s Applicant is not Current User > Uncheck all boxes
  • This Job Application’s Employer is not Current User’s Company > Uncheck All Boxes

Database tables would look like

Job Application

// User would be the Applicant
// Company would be the Employer

You also need to understand how relational databases work to get a firm grasp on this.

p.s. I would be more then happy to set this up for you and depending on your database tables it shouldn’t take more than 2 hours and anywhere between 1-2 hours with testing.

No-Code Venture

1 Like

Thanks @Keith, your answer is interesting. Do you see another way to implement a bit more complex restrictions?

Ideally it would be nice if the user’s themselves can define their privacy with checkboxes.

Yes, there is, and you’d do it like @nocodeventure describes very well above. I believe if you create field(s) on the object that represent privacy states you can then key off of those in the rules (which is one way to get more fine-grained control).

@jacobgershkovich also points the way.

Basically, think of Privacy Rules like a cascading set of conditions.

You’ll run into some confusing messages in the Privacy Rules page as you go, but you can get what you want. I can post some images or a video a lil later as I do have an example project set up right now with exactly the “job board” scenario.

(Aside: there’s been a lot of “job board” related questions around the forum lately. What’s up with that? Are job boards the new “to do list” app?)


Thanks @jacobgershkovich and @Keith for feedback. Lets connect later @nocodeventure :slight_smile:

About a possible job boards hysteria - the recruitment sector is in my view much of a very expensive black box for employers. Job boards can make sense in niche industries allowing employers and candidates connect directly without the expensive middleman…like LinkedIn but not that general.

1 Like

Having a similar permissions issue with the expression not showing as valid when it definitely should. Some of my tables are:

Permissions Table

My apps allows certain users to manage multiple buyers/sellers profiles based on the Permissions Table which I am using as a Join. (Ex: If user’s permission table contains Buyer and Permission abc, they can see/edit.)

It works great in the app… but privacy rules won’t recognize the expression. Exact expression in privacy rule is: Current User’s Permission Table contains This Buyer.

This seems like a simple expression… any tips or workarounds?