Is it possible to grant users temporary access to data normally non-accessible to that user group?
For example: Guest purchase checkouts.
There will be a page detailing guest order details containing some private information e.g shipping address. Because guest users data is deleted within 3 days, and I’ve set the privacy so that order details can only be accessed when current user = order’s creator → guest users cannot view order details past 3 days.
Is it possible to generate a link to be sent through email so anyone that has access to that link can see private information for 15 minutes?
Thanks for reading!
You could use the slug for this purpose. Plus an additional random value on the thing that’s passed to the intended party.
this way even if somebody guesses a slug, it’s unlikely to still also guess the secret password held within that thing
In my apps I have a data type called “access level”. This is the way I differentiate my users by administrators, managers, staff, clients and etc… And also control their access level.
You can do the same. And thru a workflow you can change user’s access level and schedule a workflow to change it back in 15 minutes.
Thanks for the suggestion! Although I’m not sure how I’d be able to identify guest users and grant only specific guest users private access?