User Data Restrictions

Im going round in circles a bit so I thought I would just ask …

Is there an “easy” way to restrict the data in an object to certain types of users.

Lets assume I have 3 authorisation levels - 1, 2 and 3 (as an example).

I want to access values in an object based on one of these levels - I can add an minimum authorisation level field to each record.

It feels like a CS solution is most appropriate although id be keen if someone thought a configuration based approach is workable (build studio based).

Seems like possibly a callback function of some kind might be workable (ie read the available values, manipulate the data [ based on auth level], set the required values). Or maybe code could be used to dynamically set different subset filter for example …

I can see lots of potential solutions and an equal number of difficulties in achieving it.



I thought about using a callback to simply change (say) the subset in use …


but that seems to just blank the dropdown selector giving me nothing to select at all.

when I cs.log this change it all looks good (in settings terms) and I can see the field value has been changed from its initial value to the new one I passed in.


I have checked the new target subset and this works as designed used directly on a page (in build studio).

1 Like

Hi Haydn,

As you said, there are a number of ways to achieve restricting the data in an object to certain types of users. There is this ‘Permissions’ tab under the Edit Object page. From here you can restrict for the object based upon the user role or the privilege, i.e. restrict as in None, Read, Write or Read & Write.

If you need ‘Field level’ permissions, there are a number of options available under the ‘Settings’ tab once you have selected a field from the Edit Page > Layout tab. You can restrict the viewing of the selected field based upon whether the logged-in user is in the selected User object by using the settings called ‘Restrict by User Object’. By default, this setting is set as No and all users with the correct user role permissions will be able to view the field.

Also, please have a look at the configs available under ‘Person visibility subset’ which provides you with the ability to restrict the visibility of a component via a subset from the user object.

Lastly, as you mentioned, via CS you can get the logged-in user’s ID and start hiding, showing down to the individual fields, set up call backs and restrict to the ready only permission, for example, for the specific types of user and authorisation levels.

I hope it helps.


Definitely something odd going on here …

if I use the set_setting and set the subset field to empty - it works as I would expect and removes all restrictions. If I attempt to set the subset (either to its current existing value (as per the build studio) or any other value) it just empties the dropdown of values.

I have the basics of the code working but seemingly cannot set the “limit_subset_field_path” correctly.

Short of this being something I am not doing correctly this looks like a bug to me ?

OK found it … missing a : :man_facepalming:

1 Like