When restricting content visibility and access across the platform there are a few things to know.
- Access Permissions control what users can view, and their abilities on the website.
- User Groups and Folders control what specific screens and content users can view.
- Formula filters control what users can view within a specific screen on the app.
Restricting control and access levels on the website
Access areas control the website areas and features that users are permitted to see. You can give users limited access to parts of the secure website. This is done via the Access Permissions section found on the 'edit user' page. Click on Organization & Users from the navigation menu, then click Users & Groups from the drop down. Hover over the user you want and click 'edit user". You will then choose the access level and specific areas that the user will be permitted.
- Read Only access allows users the ability to view.
- Read/Write access allows users to modify content and have access to most functions.
- Administrator access allows users full control over all aspects of the system. This designation is the only user level that has access to administrative areas of the website menu, such as Organization Setup, Users etc.
Simply unselect the areas you want to keep the user out of, e.g. unselect the App Builder area to remove that option from their navigation menus.
Restricting Access to Screens and Docs
Restrict access by folder
If you want to show different screens to different users, e.g. allow managers to see additional screens, you should create folders and assign relevant screens/docs to them. These folders should be modelled for the specific role or app user groupings you wish to control. You must ensure the relevant users have been given access to the respective folders.
You can turn on access restrictions to each individual folder by user group and/or individual user. For more information on how folders work, refer to the folders section of this support website.
Managing user groups access
User groups make it easier to manage a large numbers of users. Administrators can create groups to represent the various units/departments in your company account. This approach ensures that you don't have different departments seeing and/or modifying content that belongs to other departments. To create a user group follow these steps.
1. Using the navigation menu on the left, click on Organization & Users, and click Users & Groups from the drop down.
2. Locate the 'Group' section in the top right and click +New.
3. Assign users to their relevant groups.
4. Assign these groups to specific folders via the Folder Settings popup. This is accessible via the 'cog' icon found next to the folder name in screens, docs and data source listing pages.
Restricting screen access/visibility on the app
Another option is to create your own custom app start screen. You can do this by using the 'Start Screen' option. Using the navigation menu click on Apps, then select App Set Up from the drop down. If you create a custom icon screen you can apply visibility formula to dynamically show/hide the respective icons of that screen.
Filter data rows prior to being sent to the app
If you need to show restricted data rows seen by the user based on complex organization rules consider the following options:
Run a hosted GET web service
You can host rows of the data source on your own server and use our Hosted GET connector option on the data source in question. This means that your Hosted GET web service will have the ability to apply user-specific filtering on the data when the app requests the rows. Hosted GET gives you maximum flexibility to apply whatever organization rules you need. It requires software development skills to create the web service. For more information, take a look at our Hosted GET documentation available on this support website.
Use our sync product
This refers to our 'integration in a box' stand alone product, which you can install locally on your server. Sync automatically creates a database and auto-populates it with form entry data as needed. This product also automatically exposes Hosted GET services based on database tables that you nominate. It means you can enjoy the benefits of Hosted GET without needing a programmer. You simply install and configure sync to handle the integration for you. Contact our support team for more information and a free trial of Sync.
Dynamically filter data rows on the app
Another way to control the visibility of data and screens is by using our powerful formula engine functionality. This is available wherever you see the 'hammer' icon in screen designers. You can leverage it to filter and show/hide items in the following ways:
Apply 'in-screen' filtering- Depending on the screen in question, you can also apply app-side dynamic filters to data source rows by using our formula engine. For example, on a form screen, you can specify a filter formula on choices and data source fields. Similarly, filters can be specified as parameters when opening listing and mapping screens.
Leveraging user metadata- User metadata is a set of key values that you can define for each user. Using the navigation menu click on Organization & Users, and click User & Groups from the drop down. You can setup user-specific data as needed, and then refer to these in a filtering formula via the USERMETA() formula function. For example, you can add the employee's group/role code as metadata, and then filter rows where the role/group column equals the user's metadata value.
Apply cross-screen context with global values- Global values are device specific values that you can assign through a form screen, using the 'Bind to Global Value' property available on most field types. This allows you to set a value, accessing it by a key name of your choosing. You can also refer to global values in any filter formula via the GLOBALVAL() function. Global values are a great way to have users set a 'context' for their app session, with that context selection then being available to any screen's formula areas.
Consider this example:
- Have the user select their current job/project context (which is bound to a global value) via a simple form.
The form should be configured to NOT upload on completion, thus saving many meaningless form entry submissions. You can configure this 'no upload' behaviour via the 'Do Not Upload Data' option found on the settings page of every form screen.
- Design other app screens to apply filtering and visibility formula by referring to the saved user context via the GLOBALVAL() function. This way the context the user chooses will 'follow' them through the other app screens they see and use.