Adding multiple owners for Google App Maker records
I need help with Google App Maker data model security. I want to set multiple owners for a single record. Like the current user + the assigned admin + super admin. I need this because all records can have different owners and super-owners/admins. I know that we can point google app maker to a field containing record owner's email and we can set that field to the current user at the time of the creation of the record.
record.Owner = Session.getActiveUser().getEmail();
I want to know if it is possible to have field owners or have multiple fields like owner1, owner2 and then assign access levels to owner1, owner2...
Or how can we programmatically control the access/security/permissions of records?
The solution I'd use for this one definitely involves a field on the record that contains a comma separated string of all the users who should have access to it. I've worked on the following example to explain better what I have in mind.
I created a model and is called documents and looks like this:
In a page, I have a table and a button to add new document records. The page looks like this:
When I click on the Add Document button, a dialog pops up and looks like this:
The logic on the SUBMIT button on the form above is the following:
widget.datasource.item.owners = app.user.email;
widget.datasource.createItem(function(){
app.closeDialog();
});
That will automatically assign the creator of the record the ownership. To add additional owners, I do it on an edit form. The edit form popus up when I click the edit button inside the record row. It looks like this:
As you can see, I'm using a list widget to control who the owners are. For that, it is necessary to use a <List>String custom property in the edit dialog and that will be the datasource of the list widget. In this case, I've called it owners. I've applied the following to the onClick event of the edit button:
var owners = widget.datasource.item.owners;
owners = owners ? owners.split(",") : [];
app.pageFragments.documentEdit.properties.owners = owners;
app.showDialog(app.pageFragments.documentEdit);
The add button above the list widget has the following logic for the onClick event handler:
widget.root.properties.owners.push("");
The TextBox widget inside the row of the list widget has the following logic for the onValueEdit event handler:
widget.root.properties.owners[widget.parent.childIndex] = newValue;
And the CLOSE button has the following logic for the onClick event handler:
var owners = widget.root.properties.owners || [];
if(owners && owners.length){
owners = owners.filter(function(owner){
return owner != false; //jshint ignore:line
});
}
widget.datasource.item.owners = owners.join();
app.closeDialog();
Since I want to create a logic that will load records only for authorized users, then I had to use a query script in the datasource that will serve that purpose. For that I created this function on a server script:
function getAuthorizedRecords(){
var authorized = [];
var userRoles = app.getActiveUserRoles();
var allRecs = app.models.documents.newQuery().run();
if(userRoles.indexOf(app.roles.Admins) > -1){
return allRecs;
} else {
for(var r=0; r<allRecs.length; r++){
var rec = allRecs[r];
if(rec.owners && rec.owners.indexOf(Session.getActiveUser().getEmail()) > -1){
authorized.push(rec);
}
}
return authorized;
}
}
And then on the documents datasource, I added the following to the query script:
return getAuthorizedRecords();
This solution will load all records for admin users, but for non-admin users, it will only load records where their email is located in the owners field of the record. This is the most elegant solution I could come up with and I hope it serves your purpose.
References:
https://developers.google.com/appmaker/models/datasources#query_script
https://developers.google.com/appmaker/ui/binding#custom_properties
https://developers.google.com/appmaker/ui/logic#events
https://developers-dot-devsite-v2-prod.appspot.com/appmaker/scripting/api/client#Record
- How can I add machines to data already been sharded in SQL database?
- Error Establishing Database Connection with Wordpress in MAMP
- AWS Glue missing permissions
- What is the most suitable data type for a column in a table?
- how to save marital relationship in a database
- utf-8 vs latin1
- Firebase Firestore: Accessing Never-Retrieved Data Offline
- How to configure postgresql for the first time?
- How to import .db file to pgAdmin 4?
- Map string column in Entity Framework to Enum (EF 6, not EF Core)
- Oracle Scheduler Job Failing
- Creating initial SQLiteDatabase when app is installed
- How to put a comment into HQL (Hibernate Query Language)?
- Unable to install SQL Server(setup.exe) Exit code decimal: -2061893606
- Use Hibernate to save objects to the database
- MySQL database connection error: ManagedConnectionFactory is null
- Check for existing data before writing to database
- BigQuery - Transaction is aborted due to concurrent update against table
- php scrape to write to mysql database error
- naming suggestions for database timestamp field
- In immudb, can we know if a certain key is available before we do the `Get` query?
- Laravel 5 error SQLSTATE[HY000] [1045] Access denied for user 'homestead'@'localhost' (using password: YES)
- Where is MySQL's my.ini located on Windows?
- How can I rollback entire databricks catalog/database to a point in time
- Insert data using the official Rust QuestDB client and self-signed certificate
- Using pg_notify in PostgreSQL trigger function
- When should I use Datomic?
- Is it good practice to have a column for each user and a row for each user in SQL table?
- python + json file saving
- Wrestling simulator Entity Framework / database design