How To Protect A User's Data With Bubble Privacy Rules
In this Bubble.io tutorial video we give an introduction to the Bubble Data Privacy tab and demonstrate a simple solution that will fit most use cases. In this video we show how to only show database entries to the user who created them.
Setting Up Basic Privacy Rules in Bubble
In this video, I'm going to demonstrate how to set up some basic privacy rules to protect your users' data in your Bubble app. I'm going to start off with this locations page and map page from a previous video. We have a user logged in and they've created four locations. We can check that here. So under locations in data type, we can see that demo has created these four locations.
The Incorrect Way to Protect User Data
Let's say that we want to make sure that only demo can view the locations that they've created. Now, this is how not to do it. You could go into search for locations and go created by equals current user. And let's refresh that. Okay, and there's no change. So that has sort of worked because it will now only display to the user locations that they've created. But this is not secure. This is not the way to do it because there could still be a number of other ways or reasons that a user who isn't the creator can gain access to this data.
The Correct Way to Implement Privacy Rules
Unless you have a very particular reason for using a created by, one instance might be like a chat app dialogue where you want to only show the submissions of the current user into that dialogue. Don't use this. It's not the way to do it. You should be using the privacy tab here. And so on location, we will say user and you can give it any name you like. And then we will untick all of these fields because we don't want it that a user, sorry, a visitor to this website, this web app, who isn't logged in, we don't want them to give them access.
Setting Up Privacy Rules for Users
We don't want to give other users in our app access to the data created by this user. So we're focusing on this panel here and making sure we've got everything unticked. And it's going to be a rule like current user is this location's creator. And then we want if that statement is true to view all fields, find it in a search and to attach an autobinding. We'll cover that in another video.
Testing the Privacy Rules
Now, if we refresh this page. See, there's no difference. I'm currently logged in. I'm currently viewing the data that I've created, but let's see what happens if I log out. And then refresh the page. See, I now no longer have access to that data because I am logged out. I am not current user who has created that data.
The Importance of Secure User Data Protection
Remember when you're wanting to make your app secure for your users, which if we're honest can often be a bit of an afterthought and something that we put off grappling with. But we know that it's really important that we get this right. So I would make sure that you get familiar with setting up privacy rules in the data privacy tab and you test. You have multiple browser windows opened with private browsing tabs in each so that you can log in as different users check that you are not leaking. You can do your users data to other users when you don't want that to be happening.
Get the Complete Bundle for Just $99
Access 3 courses, 390+ tutorials, and a vibrant community to support every step of your app-building journey.
Start building with total confidence
No more delays. With 30+ hours of expert content, you’ll have the insights needed to build effectively.
Find every solution in one place
No more searching across platforms for tutorials. Our bundle has everything you need, with 390+ videos covering every feature and technique.
Dive deep into every detail
Get beyond the basics with comprehensive, in-depth courses & no code tutorials that empower you to create a feature-rich, professional app.
Valued at $49
Valued at $89
Valued at $29
Valued at $99
Valued at $49
Can't find what you're looking for?
Search our 300+ Bubble tutorial videos. Start learning no code today!
Have questions?
We have answers!
Find answers to common questions about our membership plans, programs, and more.
We're here to help you launch your no code SaaS. Reach out to the team and we'll double check our vast library for useful content. We'll advise you on how we'd tackle the same problem and there's a good chance we'll record the video to help the wider community.
As a Planet No Code member, you'll receive a discount on our Bubble coaching sessions. Monthly members receive a 10% discount, while Annual members receive a 17.5% discount. To redeem your discount, simply log into your account and book a coaching session through our platform.
Our 8-week intensive mentorship program is designed to provide personalized guidance and support to help you accelerate your startup journey. You'll be matched with a startup expert who will work with you one-on-one to set goals, overcome challenges, and make rapid progress.
To apply for the Mastery Program, simply click the "Request Invitation" button on our pricing page and fill out the application form. Our team will review your application and schedule a call with you to discuss your goals and determine if the program is a good fit for your needs.
We accept all major credit cards, including Visa, Mastercard, American Express, and Discover.
While we don't offer a free trial, we do provide a 14-day money-back guarantee. If you're not completely satisfied with your membership within the first 14 days, simply contact our support team, and we'll issue a full refund.