User Roles - Advanced Settings

In this chapter, we will show you how to set up user roles so that users can edit (add and delete) only their own records. At the same time, these roles will allow the users to see the records of other users, which they are unable to edit.

In this chapter, we will show you how to set up user roles so that users can edit (add and delete) only their own records. At the same time, these roles will allow the users to see the records of other users, which they are unable to edit.

It is necessary to create two roles that will combine the conditions for enabling the editing of records and prohibit the editing of someone else’s records.

The table needs to contain an item that can positively identify the user who will be included in the roles evaluation condition. It is possible to add a system item called “Created” or in other words the author of the record.

In the Developer level section, select the field “Schema item internal name” and name the newly created item “Author”.

Next, we will create two roles. One role will allow the editing of the user’s own records and the other one will prohibit editing of someone else’s records.

User role for editing user’s own records

Follow these steps:

  • Create a new role named, for example, “User - Editing of Records”.
  • Set the level of the application as follows:

Application permissions

  • In the table level tab of the selected table, set the access to “Write”. Leave the default setting of the other options.
  • Next, set the condition for the role:
doo.model.Author.value === doo.currentUser.login.value || !doo.model.Author.value

User role for reading someone else’s records

Follow these steps:

  • Create a new role named, for example, “User - Reading of Records”.
  • Set the level of the application as follows, just as you did with the previous role.
  • In the table level tab of the selected table, set the access to “Read”. Leave the default setting of the other options.
  • Next, set the condition for the role:
doo.model.Author.value !== doo.currentUser.login>

Now, assign both of the two roles created above to the users who are allowed to create, edit, and delete their own records, and on the contrary, can only view another user’s records, without the ability to make changes.

Example

I would like to be able to view the records assigned to me with the field type of URL/Mailto link.

Follow these steps:

  • Create a new field type of URL/Mailto link.
  • Create a new field type of Calculated field and insert the URL/Mailto link item into the formula editor.
  • Behind the item in the Formula editor, add ?.href. 

  • Next, set the condition for the role:

 

doo.model.<[URL (URL)]> === doo.currentUser.<[Login (login)]>

Should there be a link to another table, the process is similar; you simply create a link to the URL/Mailto link item and then display it in a Calculated field.