I have a file, and I want only the admin role for the user to access this file.
How do I use the “Attach Thing” to so that only the admins can view this file.
Example: If files are related to a Project. Attach the file to the appropriate Project record.
Create a privacy rule on the Project data type with an expression that looks something like “Only when current user’s role is Admin” > enable ability to view attached files.
So, if you attach it to something all users can access in general, then you can create a specific privacy rule to restrict file access to admins only.
I see, the thing is, I will only create the project after the button is pressed. So is there a way to attach the file after the thing (Project) is created?
When you attach a file to a Thing, anyone who can view that Thing (by privacy rules) can also view that file, assuming you’ve checked the ‘View attached files’ checkbox that’s enabled by default.
You cannot attach it to a Thing before it is created. That’s kind of a problem, as for file uploaders, the file is uploaded before anything is created, and as you point out, there’s nothing to attach it to.
You can either:
- Create a temporary file, and when ‘Create project’ is clicked, Make changes to the project rather than creating a new one. Just hide draft projects from the user.
- Create the project with the public file, use an API call to upload it again as private, set the file field with the URL of the newly uploaded private file, then delete the old file.
We need a ‘Set a file’s Thing’ action really 