User account extra field (Metadata)

Idea created by Fabrice Nordmann Expert on Mar 13, 2019
    Active
    Score24

    in many custom apps, developers feel the need to create a user table, even though there is already a system table of users in Manage Security.

    Some of reasons can be:

    • Context: the interface is built on a layout where each user sees his own record. In this instance, it's more a session table. This is not addressed by this idea.
    • We want to add some keywords because Extended privileges apply to a privilege set only and are sometimes not accurate enough, when you want to grant a permission to specific users with different privilege sets
    • We need to store more data about the user (e-mail address, user ID in other systems, API keys…)

     

    Usually, we don't need to perform find, print or export this extra data. We only need it at runtime during a script (for instance, send an e-mail and pick the user's e-mail address as sender.

     

    Besides, we now have JSON function that make it easy to structure data in a single text object, and retrieve information from there.

     

    The problem is that by nature, information about users is often very sensitive (API Key, hourly rate, wage…), and if some data is exposed (layout, data viewer…) because of a weakness in security settings (which, I admit, shouldn't happen), it can lead to very critical leaks.

     

    So here is the idea:

    • A new text field (let's call it Metadata) at the user account level
    • A script step: Set Account Metadata [ account name ; calc ]
    • Two functions:
      • Get ( AccountMetadata ) - to get the current account metadata
      • GetAccountMetadata ( AccountName ). Needed with the script step to modify Metadata of an account that is not the current account. Limited to users who can manage user accounts (namely Full Access)