Advice on role based access - any help would be hugely appreciated

Hi,
If you’ve implemented role based access to different areas of your app, how have you done it?
I’m wracking my brain trying to figure this out, but I’m not making much headway.

My scenario is this:
Organisations/charities register with our app to feature articles about them and their projects. What I’d like is to be able to specify one or more users as org admins who are able to administer their own org by way of a secret admin button which only appears if the logged-in user is an admin.

Sounds simple enough, I just can’t figure out how to do it.

At present what I have is an ‘IsOrgAdmin’ true/false option in the currently logged-in user; however, this gives anyone who’s an admin the ability to administer any organisation! (I’ve only just discovered this mistake).

Any help would be hugely appreciated, thanks 🙂

Hi,

You need to have a linkage between the user and the organization.

When they create an update, they should only be updating their current organization (all updates should be tied to the org).

Does that make sense?

I can make a video about this later if not.

Erik

1 Like

Hi @msmurfitt ,

In the first picture, I use a check if they are admin or not.
You can have something as simple as a toggle in the users collection, or a number to check against.

In the beginning I used a toggle, but later changed to a number, as it is more flexible to check and can be leveled for as many admins as we want.

1 Like

Hey, thanks @Erik
I already have the relationship between the two collections in place.
The problem I’m having is that I’m unable (can’t figure out) how to define roles (I have 5 roles in total).

If an employee of an org is made an admin of their org on our app then they will add their org and have it added to a list which is filtered.
Previously I had an edit button which was ‘sometimes visible’ depending on whether the logged in user was ‘IsOrgAdmin?’.
And while that worked just fine (it allowed them to edit the organisation, its projects and other features) I only realised last week during pilot testing (we’re hoping to submit the app to the Apple/Play store in the next couple of weeks) that giving a user ‘IsOrgAdmin?’ actually gives them access to all the organisations they’ve favourited, not just the Org they belong to/work for.
Does that make sense?

I think I need the admin privilege part of the Org collection/record maybe…??

One way it could work (I think) is that there’s a separate ‘admin’ collection for each org…and if the logged-in user is added to that collection they see the admin features…
That would work with a small amount of orgs, but our market is too big to make that practical.

Like you say, there’s a linkage here that I’m missing…just can’t quite figure it out…

Thanks @Yongki
This is kind of what I have, but as per my other reply to Erik my admin users can favourite a number of different organisations, and because the ‘IsOrgAdmin’ is at the user level, not the org level, they have admin rights to every org they’ve favourited/follow.

I need to allow them to favourite as many orgs as they want, but only administrate the org they work for, which, I think, means the admin rights need to be at the individual org level…I think

1 Like

Yep, I know the issue you’re having. When you go to edit the org’s details, you need to tell Adalo WHICH org to edit and that information isn’t always easy to pass along.

Here’s a little cheat - make the edit button a list of orgs filtered to the logged in user’s org. When they click the button, it’ll pass the current organization’s information to the edit page.

1 Like

Ooooo, that could work!

I’ll give it a try and report back.

Thanks! 🙂

1 Like
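
An added illustration of the design the thread arrives at, not Adalo configuration or any poster's code: the admin role is stored per user-organisation pair instead of as one flag on the user, the edit list is filtered by it, and the same check runs again when the update is applied. The role names, the `User` fields, the org ids and the `store` dictionary are hypothetical.

```python
from dataclasses import dataclass, field
from enum import IntEnum

class Role(IntEnum):
    # Hypothetical numeric levels; the thread mentions five roles without naming them.
    FOLLOWER = 0
    MEMBER = 1
    EDITOR = 2
    ORG_ADMIN = 3
    OWNER = 4

@dataclass
class User:
    name: str
    is_org_admin: bool = False                       # the user-level flag from the question
    favourites: set = field(default_factory=set)     # org ids the user follows
    memberships: dict = field(default_factory=dict)  # org id -> Role (the missing linkage)

def can_edit_flawed(user, org_id):
    """Original design: one global flag, so every favourited org becomes editable."""
    return user.is_org_admin and org_id in user.favourites

def can_edit_scoped(user, org_id, required=Role.ORG_ADMIN):
    """Role is looked up for this organisation only; favourites grant nothing."""
    role = user.memberships.get(org_id)
    return role is not None and role >= required

def editable_orgs(user, all_org_ids, required=Role.ORG_ADMIN):
    """The filtered list behind the edit button: only orgs the user administers."""
    return [o for o in all_org_ids if can_edit_scoped(user, o, required)]

def update_org(user, org_id, store, changes):
    """Repeat the check when the write happens, not only when the button is drawn."""
    if not can_edit_scoped(user, org_id):
        raise PermissionError(f"{user.name} is not an admin of {org_id}")
    store[org_id].update(changes)
    return store[org_id]

# Constructed sample data
ORGS = ["charity-a", "charity-b", "charity-c"]
alice = User("alice", is_org_admin=True,
             favourites={"charity-a", "charity-b"},
             memberships={"charity-a": Role.ORG_ADMIN})
bob = User("bob", favourites={"charity-a"}, memberships={"charity-b": Role.EDITOR})

if __name__ == "__main__":
    for org in ORGS:
        print(org, can_edit_flawed(alice, org), can_edit_scoped(alice, org))
```
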