Help CenterGo back to application
Help CenterGo back to application
Getting Started
What is Tabidoo?How To Start With TabidooTabidoo’s TerminologyApplications, Modules and TablesTemplatesCustom Design And SettingsCustom Domain - Settings
Basics
Fields
Advanced
Users And Roles
Users And RolesUser Roles - Advanced Settings
Dashboard & Widgets
Reporting
Workflow Automation
Custom Data Source
Snapshots
System log
System log
Developers
Templates
Digital Company

User Roles - Advanced Settings

In this chapter, we will show you how to set up user roles so that users can edit (add and delete) only their own records. At the same time, these roles will allow the users to see the records of other users, which they are unable to edit.

In this chapter, we will show you how to set up user roles so that users can edit (add and delete) only their own records. At the same time, these roles will allow the users to see the records of other users, which they are unable to edit.

It is necessary to create two roles that will combine the conditions for enabling the editing of records and prohibit the editing of someone else’s records.

The table needs to contain an item that can positively identify the user who will be included in the roles evaluation condition. It is possible to add a system item called “Created” or in other words the author of the record.

In the Developer level section, select the field “Schema item internal name” and name the newly created item “Author”.

Next, we will create two roles. One role will allow the editing of the user’s own records and the other one will prohibit editing of someone else’s records.

User role for editing user’s own records

Follow these steps:

  • Create a new role named, for example, “User - Editing of Records”.
  • Set the level of the application as follows:

Application permissions

  • In the table level tab of the selected table, set the access to “Write”. Leave the default setting of the other options.
  • Next, set the condition for the role:
doo.model.Author.value === doo.currentUser.login.value || !doo.model.Author.value

User role for reading someone else’s records

Follow these steps:

  • Create a new role named, for example, “User - Reading of Records”.
  • Set the level of the application as follows, just as you did with the previous role.
  • In the table level tab of the selected table, set the access to “Read”. Leave the default setting of the other options.
  • Next, set the condition for the role:
doo.model.Author.value !== doo.currentUser.login>

Now, assign both of the two roles created above to the users who are allowed to create, edit, and delete their own records, and on the contrary, can only view another user’s records, without the ability to make changes.

Powered by Product Fruits