Hi, I would like to set up a condition that allows users in a specific permission group to delete only the records they have created, while preventing them from deleting records created by other users.
In the table, I am using the system field Created By. In the permission role, delete access is enabled for this table, and I have added the condition: doo.model.createdBy === doo.currentUser.login`
However, this condition does not work as expected, and users are still able to delete any records.
Could you please advise whether this type of conditional delete restriction is supported and, if so, what the correct approach or syntax should be?
Hello, you could achieve this by setting up a workflow which will run Before save and it will check the condition - that is doo.model.createdBy.value === doo.currentUser.login. If the condition does NOT return true, it will set model.isValid to false and therefore the record will not be deleted. It is also good practice to set an user alert so the user knows that even when they wanted to delete the record, it was not deleted.
Here is an example of the script:
if (doo.model.createdBy.value !== doo.currentUser.login) {
doo.alert.showWarning(‘Záznam může mazat pouze uživatel, který ho vytvořil.’);
doo.model.isValid = false;
}
Remember, that the setting of the workflow must be as on the picture.
Hello Anna, thank you for you answer. Am I correct in understanding that the only available configuration option is to apply this setting to everyone, and that it cannot be limited to specific roles?
Not really. The workflow will be triggered everytime that record is deleted, regardless of what role the user has. However, you can extend the condition in the workflow and apply it only if user has a certain role.
Eg.
if (doo.currentUser.roles.includes(‘User’) {
if (doo.model.createdBy.value !== doo.currentUser.login) {
doo.alert.showWarning(‘Záznam může mazat pouze uživatel, který ho vytvořil.’);
doo.model.isValid = false;
}
}
So in this case, it is first checked, if the user, who initiated deleting the record, has a certain role. Only if they have the desired role (in this case User), then only the condition of who created the record is verified. If the user had role Admin (or any other!), he could delete the record regardless of who created it.
