Privacy Rules settings for three types of permissions

Hi,
There are three User roles in my application.
ADMIN, SUPERVISOR, and STAFF.

SUPERVISOR" manages multiple “STAFF”.
A “STAFF” can be associated with multiple “SUPERVISORs”.

Only the Current User or the SUPERVISOR that manages the Current User can view the data assigned to a “STAFF”.

In this case, how should I set up the database and Privacy Rules?

Hi there, @y11… if I was doing what you described, I would use an option set to define the user roles, I would have a role field on the User data type (with that field being associated with the option set), and I would likely have a staff field on the User data type that is a list of users.

With that setup in place (and assuming you add users to a supervisor’s staff list field, of course), a privacy rule on the User data type that looks like the following should produce the desired result.

FYI… before you try to create that privacy rule, go to the Settings >> Versions tab and enable the experimental expression parentheses feature.

Hope this helps.

Best…
Mike

1 Like

@mikeloc

Hi, @mikeloc

I appreciate it very much.
The problem I had been struggling with for two weeks has been solved by you.
Thank you very much.

1 Like