How do I allow users to view only their data which is stored in a common entity?

Hi everyone, I'm new to Outsystems. In my app, I am creating a form for users to fill in everyday. This data is then stored in an entity. I want users to be able to view their entry history, however, I only want them to be able to view their own records and not other users'. The data must be stored in a common entity so that the app administrator is able to have the data is a single sheet. How do I go about doing this? Thanks!

Hello. You are placing a field to store the UserId in the entity, right?

Then create a screen that in its preparation you use an aggregate that has the following filter:

If(CheckRole(GetUserId()),True or False,YourEntitie.UserId=GerUserId())

Or something like this. 

You can create two screens.  Some with permission only for the Administrator and another for the ordinary user.  In the administrator there would be no filter, and in the common user one filter by UserId.

Hi RY,


I assume that you are storing UserId along with the data.

Given above assumption is correct:

In your aggregate for GetData Add the filter

Example from MoviesDB:

Again assuming your role name is Admin and entity name is DataEntity, the filter should be:

CheckAdminRole(UserId: GetUserId()) or DataEntiry.UserId = GetUserId()


Let me know if this helps.

Regards,

Saugat

R Y wrote:

Hi everyone, I'm new to Outsystems. In my app, I am creating a form for users to fill in everyday. This data is then stored in an entity. I want users to be able to view their entry history, however, I only want them to be able to view their own records and not other users'. The data must be stored in a common entity so that the app administrator is able to have the data is a single sheet. How do I go about doing this? Thanks!

Hi,


Yes, you can but for that entity must have userId column and at the time of data enrollment saved the logged in userId.

At the time of data fetch just add the condition in Aggregate like,

For user and userId = GetUserId()

For Admin, 

userId= Id Of admin

if you don't want to hard code then suggesting you add roles in the application and check role only.


Thanks 


Eduardo Sousa Sales Rodrigues wrote:

Hello. You are placing a field to store the UserId in the entity, right?

Then create a screen that in its preparation you use an aggregate that has the following filter:

If(CheckRole(GetUserId()),True or False,YourEntitie.UserId=GerUserId())

Or something like this. 

You can create two screens.  Some with permission only for the Administrator and another for the ordinary user.  In the administrator there would be no filter, and in the common user one filter by UserId.

Hi Eduardo, thanks for your advice regarding how to solve this issue. How does the admin screen work?


Saugat Biswas wrote:

Hi RY,


I assume that you are storing UserId along with the data.

Given above assumption is correct:

In your aggregate for GetData Add the filter

Example from MoviesDB:

Again assuming your role name is Admin and entity name is DataEntity, the filter should be:

CheckAdminRole(UserId: GetUserId()) or DataEntiry.UserId = GetUserId()


Let me know if this helps.

Regards,

Saugat


Hi Saugat, think this may work. However, I am unsure how to store the userId when user is inputting. May you guide me with that? Thanks!

JitendraYadav wrote:

R Y wrote:

Hi everyone, I'm new to Outsystems. In my app, I am creating a form for users to fill in everyday. This data is then stored in an entity. I want users to be able to view their entry history, however, I only want them to be able to view their own records and not other users'. The data must be stored in a common entity so that the app administrator is able to have the data is a single sheet. How do I go about doing this? Thanks!

Hi,


Yes, you can but for that entity must have userId column and at the time of data enrollment saved the logged in userId.

At the time of data fetch just add the condition in Aggregate like,

For user and userId = GetUserId()

For Admin, 

userId= Id Of admin

if you don't want to hard code then suggesting you add roles in the application and check role only.


Thanks 


Hi Jitendra, thanks for your advice. I have no access to the User module currently due to organisation restriction. Do you know how to save the logged in UserId when user submits an entry?


R Y wrote:

Saugat Biswas wrote:

Hi RY,


I assume that you are storing UserId along with the data.

Given above assumption is correct:

In your aggregate for GetData Add the filter

Example from MoviesDB:

Again assuming your role name is Admin and entity name is DataEntity, the filter should be:

CheckAdminRole(UserId: GetUserId()) or DataEntiry.UserId = GetUserId()


Let me know if this helps.

Regards,

Saugat


Hi Saugat, think this may work. However, I am unsure how to store the userId when user is inputting. May you guide me with that? Thanks!

Hi RY,

In your table (UserComments in my screenshot) have an attribute of type User Identifier (UserId in my screenshot). 

Table User is provided under System Database which has the user details.This provides the Id attribute for unique identification of the user.

You have to use GetUserId() under Build-in functions \ Roles to get the user id of logged in user.


In your record for comments (UserComments in my case) set UserId = GetUserId() along with other parameters and save.


Then in your filter for aggregates you can use the condition I provided earlier.


Regards,

Saugat


Saugat Biswas wrote:

R Y wrote:

Saugat Biswas wrote:

Hi RY,


I assume that you are storing UserId along with the data.

Given above assumption is correct:

In your aggregate for GetData Add the filter

Example from MoviesDB:

Again assuming your role name is Admin and entity name is DataEntity, the filter should be:

CheckAdminRole(UserId: GetUserId()) or DataEntiry.UserId = GetUserId()


Let me know if this helps.

Regards,

Saugat


Hi Saugat, think this may work. However, I am unsure how to store the userId when user is inputting. May you guide me with that? Thanks!

Hi RY,

In your table (UserComments in my screenshot) have an attribute of type User Identifier (UserId in my screenshot). 

Table User is provided under System Database which has the user details.This provides the Id attribute for unique identification of the user.

You have to use GetUserId() under Build-in functions \ Roles to get the user id of logged in user.


In your record for comments (UserComments in my case) set UserId = GetUserId() along with other parameters and save.


Then in your filter for aggregates you can use the condition I provided earlier.


Regards,

Saugat



Thanks a lot Saugat. You have rendered much help! :)