Frontly makes it really simple for you and your users to visualize data directly from a spreadsheet. With effective record management, controlling who has the ability to Create, Edit and Delete those records is pivotal to ensuring data integrity, security, and user accountability.
Note: While Create, Edit, and Delete settings can be generally toggled in any Form block, this article specifically outlines the process of allowing or restricting specific users from performing these actions within the same block.
Scenario
In your app, you may have a directory of people with their image, name and contact information listed. All users can view these contacts, but ideally you'd want to assign permissions selectively. This ensures that only authorized users have the ability to create, edit, or delete contact details, preventing any unwanted alterations by unauthorized individuals.
In this scenario, you may have a breakdown of tasks and their respective permission levels like so:
Create: Only Admin users can create new contacts.
Edit: Only Admin users and the individuals themselves so can edit or update their image and contact information.
Delete: Only Admin users can delete existing contacts.
Differences in the user interface depending on the permission levels are shown below.
With Editing / Delete permissions:
Without Editing / Delete permissions (viewable only):
Configuration
For any block that enables a Detail View, click on the 'Advanced' tab to locate the 'Permissions' section.
Regardless on what type of permissions you want to restrict, clicking 'Add Condition' creates and opens the same 'Edit Condition' menu.
Overview of Fields
Value 1: Here is where you'll have to set your data source which will ideally be a dynamic variable. This data source is where the system will analyze the parameters you've defined in order to determine if the conditions have been met.
Operator: You would ideally want this to be 'Equal' to the 'Value' you will establish, but there are many other operators to choose from depending on how you wish to apply the conditions for your permissions.
Value 2: This can be static or dynamic. Clicking on the field will open an injector modal where you can select the dynamic variable of your choice. Within the data source you've defined for Value 1, the system will search for the value you've entered here and determine if the condition has been satisfied in relation to the Operator you've set.
The most relevant variable you'll be injecting into this field for these permissions will be the 'Detail' variable ({{detail.Custom Field}}), as you'll want to compare your Data Source and Value to the information inside your Detail View.
Condition Type: Use this to specify how a condition will be combined with one or more other condition to create an expression:
When conditions are connected with an 'AND' operator, all specified conditions must be true for the entire expression to be true.
When conditions are linked with an 'OR' operator, the expression is true if at least one of the conditions is true.
Scenario Setup
Circling back to the example with the directory, see below how each of the desired conditions were configured.
Result: Only users who are in the User Group, "Admin", are able to Create, Edit, Delete records.
Result: Only users whose user email matches the email listed on the 'Email' field of the spreadsheet would be able to Edit their own contact details.
Additional Resources
Click on any of the articles below to learn more about the these Frontly concepts and features!