I am pretty sure I am missing something.
In all my tables/types I can set privacy like this: CurrentUser is the Table’s creator.
In the Users table, this option is not possible. Does this mean the User table is exposed to everyone?
I see you did not use the WHEN…
Try to set the WHEN with something like CurrentUser is the Table’s creator It won’t let you.
So that does mean that anyone can see any new field in the USER table?
Oh I see, the creator field isn’t available although the rest of the custom fields are. What if you added that field yourself so that you can set the value and then access here?
Here is what I think the problem is. To lock down any table/type with privacy rules you need to use a field that cannot be modified. One field that cannot be modified is the EMAIL field in the USER table which is SYSTEM-CREATED. This makes a perfect field.
However, when you go lock any table the EMAIL from the USER table is not available for filtering. For example if you use the following privacy filter:
Current user 's (search), then the list of search of the USER table does not include the EMAIL field.
I don’t know if this is a design issue with Bubble or if I am missing something major here.
For example: If you have a table SomeTable with a field userEmail. If want to lock down the table with a privacy rule as follows:
Current user 's email however this field is not available
Gaby, (@romanmg)
I think I see what you are saying, after I learned the following:
- @emmanuel Cofounder said Aug 3: “No, editing data happens only through workflows…”
- What you stated above
So in conclusion: A value placed in the user table via workflow can be used to privacy-protect other tables because it can only be modified via a workflow. And the user table can be privacy-protected by “Current user is this User”.
@romanmg Please confirm so I can place a RESOLVED in the tittle.
Thanks
Yes this is correct! And just to answer your original question, the table isn’t necessarily “exposed” to everyone in a viewable sense, it’s just that if you have workflows where users can modify fields, these privacy settings allow you to control what they can/cannot modify. So, yes, if you do “Current user is this user” then that means the current user will only be able to modify his/her own User record.