Privacy settings re making emails of users private

I believe this is a simple question - I just do not understand Bubble’s jargon.

When I launched my app I got the familiar message: “Just a heads up - you haven’t created any privacy rules for your app yet. If all the data your users submit should be public, you’re all good. If they are uploading private data, use privacy rules to make sure that data access is limited to people who should be able to see it. You should in particular check the user type…”

My app is a simple stripe-based subscription service. Users enter email, password, and then are prompted by stripe to pay for the subscription (under the plan I created in stripe). My understanding is that passwords are not kept in the Bubble database. And Stripe is handling the PCI data security issues. And I only have one data type in my app - user.

I certainly want to make sure that only I can access my list of users (subscribers). I’m aware that with Bubble’s default settings, a simple script can “discover” my users’ emails, despite not building any feature of my app to show users the other users. How do I make these users private (I’ve attached at the bottom what I think I’m supposed to do, but I have no clue if this is right why it works)? Also, if I do this, will this disturb any of the features of my Stripe subscription?

Thank you for your help!

No, it shouldn’t.

You would need 2 privacy rules defined.

  1. So the user themselves can view information about themselves
  2. So you can view users

For #1:
You are on the right track with “This User is Current User.” You simply need to make sure you check the “View all fields” box.

For #2:
I’m not sure how your database is set up, but you should create a type called something like isAdmin?. From there, you would only make yourself and anyone else you might want to have that list of users the boolean value of Yes. In this case, your “When” would be Current User isAdmin "is yes."

If it’s just you that needs to be able to view the list of users, you can also do something like this in the “When” value: Current User's email address is __your email__. Just be careful about this in the terms of: make sure that you never delete an account with that email.

Hope this helps and clarifies a bit! :blush:

1 Like

Thank you Johnny!

Just to clarify: your paragraph #1 is what will only allow users to view information stored in the database about themselves? If so, why does this exclude them from viewing all the other users’ email address?

Regarding how my database is set up, it is very simple. I’ve done nothing other than create a user based on email address and password. And as far as functionality, all I am concerned with is the user being able to navigate through the App (based on having an active stripe subscription) and for new users to be able to subscribe.

This newly published video by @Jeremy might be helpful.

1 Like

Thank you - that was very helpful!

1 Like