In the “Body” template for a webhook task’s JSON, the expression for the “RunAsUserEmail” property returns blank for a user for whom the Users table’s security filter excludes other users. Since the automation’s event has the “Bypass Security Filters?” property enabled, the security filter shouldn’t be applied, and the expression should return another user’s email. The expression indeed works exactly as expected when I test the app using an account with more advanced permissions that has access to the entire Users table.
Does anyone have guidance regarding how to avoid this issue? Based on this issue and some others I’ve observed in the course of troubleshooting the last few days, I have the impression that some data is not loaded quickly enough to be included in an automation template when it’s not already on the user’s device but rather is only (supposedly) available to the template as a result of the automation’s Bypass Security Filters property.
I have solved my issue you need to create a slice using your file which you need to filter and then use security filter there so that your main file won’t have security filter then your webhook will work.
I don’t understand this. Can you explain or illustrate? If you mean don’t use a security filter on the table and instead filter a slice based on the table, then that’s not a security filter and defeats the main purposes of a security filter (i.e., preventing user access to data and decreasing data volume for syncing).
No it worked in my case. I have created a POS for Cloth shop. Now owner have 4 diffrent Shop in diffrent location so I have to create a filter in my “inventory” so that it will only show data according to the place they belong to and for that I have created a Table “Inventory” now (you can’t run webhook and filter on the same table) because it will give you blank column for which you want your webhook to run. So you now have to create a slice rather than UX for “inventory” table and their your source should be “inventory” and in that slice you have to create your security filter not in the actual Inventory data and then you have to create a UX using that slice then your security filter and webhook both will run. You have to use inventory for your webhook but it’s slice for security filter. Hope thats help you.
What you have found is a workaround but I think you may be missing the purpose of a Security Filter vs filtering a Slice.
A Security Filter serves two very important purposes:
Reduces number of rows downloaded to a device for a more efficient app
Provides extra security by not even allowing the user to have data they shouldn’t.
A Slice that is filtered does neither of these. All table data is downloaded to the device for the core table and Slices create a subset of that data. Not only are there more rows on the device than necessary for that user but there is extra overhead in the management of the Slices - all of which affects the app performance.
Sure you can segregate the data with Slices and build views on them to “hide” all the other data from a particular user. But there is risk that user can gain access to that other data because of some glitch in the app implementation or a savvy user could use 3rd party tools to get at the stored data on the device if they so wished. This can be problematic for a business with any sensitive data that has been downloaded.