Filtering element can-read in the collection

ajris · October 11, 2022, 12:15pm

Hi,

I have a collection that I would like different type of users to read different records (based on one of the fields in the record - just like a simple where in SQL).

I have actually two questions -

how do I do the AND in the language (&& doesnt work). I suppose that the concatenating the where statements could do that, but it is not readable at all, is there any better way to do it?
is there any other way to specify which records could be read by people (for instance user type A can read all the records with the status A, while the user type B can read only the records specified with B)

Example:

'Requests': collection ['Request ID'] {
	can-read: user .'Type'?'Admin' 
		|| where ( user .'Type'?'A' 
			where ( .'Status'?'Other' 
				where ( user is ( >'User' ) ) ) )

→ I suppose that here, either the Admin can read everything, or the user of type A, where the status is Other and where the currently assigned user to the task is him right?

gjkunst · October 11, 2022, 12:51pm

@1: better formatting can help. I updated your code sample. I do not think && will make it more readable and I do not think there is currently a better way to do it. We’re open to suggestions for improvement.
@2: you can express ‘user type A can read all the records with the status A, while the user type B can read only the records specified with B’ as follows:

can-read:
    user .'Type'?'A' where ( .'Status'?'A' )
    user .'Type'?'B' where ( .'Status'?'B' )

About your final question: your explanation is correct!

gjkunst · October 11, 2022, 12:56pm

I just noticed that your code sample is not valid Alan code. It should be:

'Requests': collection ['Request ID'] {
	can-read: user .'Type'?'Admin'
		|| user .'Type'?'A' 
			where ( .'Status'?'Other'
				where ( user is ( >'User' ) ) )

Martinique · October 6, 2025, 9:30am

'Users': collection ['Name'] {
   'Name': text
   'Countries': collection ['Country'] {
       'Country': text -> ^ .'Relationship Management'.'Countries'[]
   }
}

'Relations': collection ['Relation'] {
   can-read: user .'Countries'[ .'Countries'* ] //this is invalid syntax
   'Relation': text
   'Countries': collection ['Country'] {
      'Country': text -> ^ .'Relationship Management'.'Countries'[]
   }
}

I am encountering the following issue: I wish to allow users only to access relations from assigned countries. A relation can be situated in multiple countries, which are added to the collection within Relations.

For example, procurement staff in Spain can only see contacts that are situated in Spain.

Is there any way to compare two collections with each other in the can-read function?

gjkunst · October 6, 2025, 2:46pm

It is possible, but intersections like this require quite a significant workaround at this time:

'Countries': collection ['Country'] {
	'Country': text
	'Relations': reference-set -> downstream ^ .'Relations'* .'Countries'* = inverse >'Country'
}
'Users': collection ['Name'] {
	'Name': text
	'Type': stategroup (
		'Admin' { }
		'Unknown' { }
	)
	'Countries': collection ['Country'] {
		'Country': text -> ^ ^ .'Countries'[]
		'Relations': collection ['Relation'] = union (
			'' = >'Country'<'Relations'[ ^ ^ .'Relations'* ]
		) @hidden {
			'Relation': text -> downstream ^ ^ ^ .'Relations'[] = key
		}
	}
}
'Relations': collection ['Relation'] {
	can-read: .'Users'[ user .'Name']

	'Users refset': reference-set -> ^ .'Users'* .'Countries'* .'Relations'* = inverse >'Relation' @hidden
	'Users': collection ['User'] = union (
		'' = <'Users refset'[ ^ .'Users'* ]
	) @hidden {
		'User': text -> ^ ^ .'Users'[] = key
	}
	'Relation': text
	'Countries': collection ['Country'] {
		'Country': text -> ^ ^ .'Countries'[]
	}
}

Martinique · October 7, 2025, 6:41am

This is amazing, thank you