table/record security.

Options
mark lefler
mark lefler Member
in ? Help! I'm a Noob
I'm looking to make an app in Appgyver. People are going to have to log into it, which I get how to do. The app is really a repository for PDFs, which I figured I'd use Xano to store. I want to make it so certain users see only certain groups of PDFs, figure make each group a different table possibly. How would I do the security so that users can only see the PDFs or groups of PDFs I want them to see and not all of them?
· Share on Twitter

Comments

  • Ray Deck
    Ray Deck Trusted Xano Expert ✭✭✭
    Options
    Hi Mark! I would make a "group" field in users (coudl be a list type if you want multiple groups to a given individual). And I would make a table for your PDFs with maybe the link to the PDF as well as the group that doc belongs to. Then in your endpoint, based on the authenticated user, you would 

    1) get the group/groups from the user, 
    2) use "query all records" to look up all the docs with that group (or those groups if its a list). THe important bit   will be adding custom query in "input" that says the group of the pdf must be equal to the group from the user (or "in" the list of groups from the user if the latter is list-type)
    3) boom! you have your list of pdfs that go with that user. 
    · Share on Twitter

Categories