How To Protect A User's Data With Bubble Privacy Rules
In this Bubble.io tutorial video we give an introduction to the Bubble Data Privacy tab and demonstrate a simple solution that will fit most use cases. In this video we show how to only show database entries to the user who created them.
Setting Up Basic Privacy Rules in Bubble
In this video, I'm going to demonstrate how to set up some basic privacy rules to protect your users' data in your Bubble app. I'm going to start off with this locations page and map page from a previous video. We have a user logged in and they've created four locations. We can check that here. So under locations in data type, we can see that demo has created these four locations.
The Incorrect Way to Protect User Data
Let's say that we want to make sure that only demo can view the locations that they've created. Now, this is how not to do it. You could go into search for locations and go created by equals current user. And let's refresh that. Okay, and there's no change. So that has sort of worked because it will now only display to the user locations that they've created. But this is not secure. This is not the way to do it because there could still be a number of other ways or reasons that a user who isn't the creator can gain access to this data.
The Correct Way to Implement Privacy Rules
Unless you have a very particular reason for using a created by, one instance might be like a chat app dialogue where you want to only show the submissions of the current user into that dialogue. Don't use this. It's not the way to do it. You should be using the privacy tab here. And so on location, we will say user and you can give it any name you like. And then we will untick all of these fields because we don't want it that a user, sorry, a visitor to this website, this web app, who isn't logged in, we don't want them to give them access.
Setting Up Privacy Rules for Users
We don't want to give other users in our app access to the data created by this user. So we're focusing on this panel here and making sure we've got everything unticked. And it's going to be a rule like current user is this location's creator. And then we want if that statement is true to view all fields, find it in a search and to attach an autobinding. We'll cover that in another video.
Testing the Privacy Rules
Now, if we refresh this page. See, there's no difference. I'm currently logged in. I'm currently viewing the data that I've created, but let's see what happens if I log out. And then refresh the page. See, I now no longer have access to that data because I am logged out. I am not current user who has created that data.
The Importance of Secure User Data Protection
Remember when you're wanting to make your app secure for your users, which if we're honest can often be a bit of an afterthought and something that we put off grappling with. But we know that it's really important that we get this right. So I would make sure that you get familiar with setting up privacy rules in the data privacy tab and you test. You have multiple browser windows opened with private browsing tabs in each so that you can log in as different users check that you are not leaking. You can do your users data to other users when you don't want that to be happening.
Can't find what you're looking for?
Search our 300+ Bubble tutorial videos. Start learning no code today!
Flexible Pricing Plans to Fit Your No-Code Journey
Choose the plan that aligns with your goals and start building your startup today.
Have questions?
We have answers!
Find answers to common questions about our membership plans, programs, and more.
Both plans offer full access to our learning resources, community, and support. The Annual plan provides a significant discount (over 15%) compared to paying monthly, and it allows you to lock in your rate for a full year.
Absolutely! You can easily upgrade or downgrade your membership plan at any time by logging into your account and selecting the desired plan. Any unused portion of your current plan will be prorated and applied to your new plan.
As a Planet No Code member, you'll receive a discount on our Bubble coaching sessions. Monthly members receive a 10% discount, while Annual members receive a 17.5% discount. To redeem your discount, simply log into your account and book a coaching session through our platform.
Our 8-week intensive mentorship program is designed to provide personalized guidance and support to help you accelerate your startup journey. You'll be matched with a startup expert who will work with you one-on-one to set goals, overcome challenges, and make rapid progress.
To apply for the Mastery Program, simply click the "Request Invitation" button on our pricing page and fill out the application form. Our team will review your application and schedule a call with you to discuss your goals and determine if the program is a good fit for your needs.
We accept all major credit cards, including Visa, Mastercard, American Express, and Discover.
While we don't offer a free trial, we do provide a 14-day money-back guarantee. If you're not completely satisfied with your membership within the first 14 days, simply contact our support team, and we'll issue a full refund.
If you decide that Planet No Code isn't the right fit for you, you can cancel your membership at any time by logging into your account and navigating to the subscription management page. Click the "Cancel Membership" button, and your membership will be terminated at the end of your current billing cycle.