Good evening, folks!
I’m back again with the Privacy rules configuration issue for Bubble tables.
To sum up the problem, none of the rules I created with an option set as a parameter within the option set itself are working. I was told that the entire issue was with the option set itself, and that Bubble, for security reasons, wouldn’t allow it to be used in the privacy tab, etc. I was advised to create a field in the table itself to serve as the filter and activation parameter for the rule, alright.
Today, I did that, and it didn’t work. I was really frustrated because I’ve been stuck on this Privacy matter for over a week, with immense difficulty!
Today, I decided to test a very basic rule to see if any filters would be activated based on the rule. So, I created the following: ‘WHEN CURRENT USER IS LOGGED IN…,’ he shouldn’t be able to see any fields or find anything in searches. To my surprise, everything still keeps appearing! It completely ignores the rule and goes to the Everyone Else rule tab, which is only activated when no user-created rule is triggered. When I deactivate its data as well, that’s when things stop showing up.
In the process, I confirmed whether it might be a problem even verifying if the user was logged in or not, and no, the Bubble system confirms that the user is indeed logged in but doesn’t follow the filter. I’m desperate, needing to move forward with a task, and I can’t seem to get past this Privacy part!
Below, I’ve attached some screenshots that illustrate my problem, showing Bubble, the project running and displaying what it shouldn’t display in the logged-in user rule, and even a preview of the browser’s inspection tool showing that the current user is logged in.
If I’m following correctly, It appears that “everyone else” just prioritizes over the rules (as expected). Although a bit confusing, you’d expect data that anyone can view isn’t hidden from others.
In your example are you expecting it to not show any data bc the user is logged in? With the expectation that rules overrides public “everyone view”?
The more open privacy rule rules. 
I am trying, in any scenario, to make sure that a rule I created is met. What I want to achieve is something like, Is Current User a Contributor? If yes, limit to these N fields… but no rule I create is met! In the case I used for the topic, it checks if a user is active and if so, it shouldn’t display anything, but it still displays it even if it falls under this rule, it ignores it and falls under the default rules even though it is true
My point is, no matter the rule, it never matches, even if it is true.
Yes. As it should.
No. The ‘everyone else’ rule isn’t activated only when no user-created rule is triggered. It always active. Privacy rules are additive - when Bubble is deciding whether someone has access to a data type or field, Bubble goes through each privacy rule and adds the permission from each.
If you have ‘Current user’s logged in’ with ONLY ‘View all fields’ checked and ‘Everyone else’ with ONLY 'Find this in searches’ checked, a logged in user will be able to View all fields and Find this in searches because they satisfy both rules.
If you want to see privacy rules work in a way that is related to what it sounds like you are trying to do, give the following a shot.
Create an option set that defines different user roles such as admin and contributor.
Next, create a field on the User data type called role, and link that field to the roles option set.
Then, create two privacy rules on the Job data type… have the first rule say when the current user’s role is contributor, they can find jobs in searches and view certain fields… have the second rule say when the current user’s role is admin, they can find jobs in searches and view all fields… do not allow everyone else to find jobs in searches or view any fields.
Finally, set the role field on one of your users to contributor and set that field on another user to admin… then run as each one of those users, and you will see that the privacy rules work (assuming you have set everything up correctly) by only being able to see certain job fields when you are running as the contributor and seeing all job fields when you are running as the admin.
This topic was automatically closed after 14 days. New replies are no longer allowed.