Hey everyone… thanks for all the input, much appreciated!
So my use case is this… I have an app which will have hundreds of paid up users, who will each have thousands of database Things of differing types - Contacts, Events, Invoices and so on. When I add new features to my app, they will often involve some new fields or data types, so a new release will also come with APIs I run which will go through everyone’s data to suitably populate or create the new data elements. I am also thinking about keeping my database tidy, and removing data from users who evaluated my system but are no longer using it - so lots of data deletion that I don’t want to go wrong.
The question is: how to most safely perform those tasks, so with the minimum chance of changing or deleting data I didn’t mean to due to human error in how I write my APIs. This became particularly real to me after Josh’s human error which brought Bubble down for an hour earlier this week!
I have a good set of Privacy settings. Every single data element has a “Subscriber User” field, and the privacy settings only allow data access if you are logged in as that Subscriber User. I also currently have one super user who can do anything through the privacy settings. Being logged in as that user sometimes really scares me!
So with my APIs for data cleansing and updates, I was thinking there were three options:
- Run them without Privacy rules.
- Run them as my super user.
- Run each API actually logged in as the user for who’s data I’m cleansing or updating.
Options (1) and (2) seem to open me to the possibility of accidentally deleting or changing data I didn’t mean to.
Option (3) would protect me from that through the privacy settings and therefore feels much safer.
I know I could run option (3) by actually logging in as the user manually… but I was hoping to find a way of automating option (3) for a list of users, as when I get into hundreds of users, doing it by hand will be very tedious.
Oh, and another question comes to mind - if I don’t know the user’s password, then I guess the only way I can log in as them is through the Data tab… is this correct?
So there you have it… any thoughts on my best way ahead would be much appreciated!