Question about use case: Multiuser access management

Hi,
I was just wondering whether the following use case could be eventually be used with baserow, as I am not sure about the planned functionalities.

Let’s assume there are several users and they have to send data to a central db table. The users would send the data through baserow. But the users are not allowed to see what the other users have inserted. Actually the users are only allowed to see what they inserted themselves in the past.

So one db with one table that is valid (in its shape, data types) for everyone. But the access is restricted only to “own” data of each user.
The admin only is able to collect the data from all the users for further processing.

Kind regards
Christian

Yes that is possible.

image

If you have a list with unique identifiers you can filter the contents of the table. So users would only see themselves.

In the Baserow extension for Kodular or App Inventor it would work like this. Remember what you see is an api call translated into a block.

So if I would search for “Peter” I would get 2 rows returned, if I would search for “r” I would get 4 rows returned.

2 Likes

Thank you, for your answer!

So, if I understand correctly, baserow would serve as the db-api. An additional app is necessary to make the api-calls. The frontend for the users for typing in data than would go, in your example, over an app made through Kodular or App Inventor, and not over the frontend of baserow. User management and so on would go over the other frontend app, as far as I understood.

No, you can also filter directly in Baserow. I was just explaining how i use Baserow and would do it.

image

image

You can have multiple filters.
image

Reminder: I am also still learning the possibilities of Baserow :wink:

1 Like

Your described use is currently not possible by just using Baserow. You would need some external tools to make it happen. If multiple users have access to the same table and you add a filter that only shows the rows that have been created by a certain user, the other users can easily remove that filter or create a new view to get access to all the rows. All users that have access to a group have the same permissions currently.

In the future we plan on introducing role based access control. If we’re going to do that on row level, it should be possible to only give read access to a certain user. Not sure yet how it would work practically, but it should be possible to only give users access to the data that they have created. As an admin, you would be able to see everything of course.

1 Like

So users who for instance use Kodular to make an app that fills the Baserow database and get filtered data back should do what the OP wants. Or am i missing something?

What I mean is that it would not work by just using Baserow. In combination with another tool like Kodular it could be possible, but if you only work with Baserow directly it’s not yet possible.

2 Likes