Is it possible to create a (hidden & automated) filter based on a (app) user ID so that I can make sure an app user (group) can only see a specific set of entities in the entity list? This is for privacy reasons. So, basically, if an enumerator opens a monitoring form, the entity list (with sites to monitor) opens based on a filter (hidden, in the background) based on his/her app user ID. If not, how can I make sure to (automatically) appoint entities to specific users? Thanks!
There is currently not a unique user identifier sent from Central to Collect that can be used for this kind of filtering. Part of the reason why is that Collect doesn't currently guarantee that a username pulled by the form matches the server username unless Collect has its admin settings locked down (https://docs.getodk.org/collect-settings/#user-settings).
The only completely hidden way to do this is to use deviceid. This is an identifier that is generated by Collect at install time and uniquely identifies an installation. It is reset if the app is uninstalled and reinstalled.
You can access deviceid in an XLSForm by using type deviceid: https://docs.getodk.org/form-question-types/#metadata
What some people do is have a form that asks for a name and other identifier and accesses the deviceid. Filling out this form and submitting it makes the deviceid available to a project manager.
Another popular approach is to have an identifying question in the form. Depending on the level of sensitivity of the data you're working with, you can approach this in different ways. For example, you could simply have a dropdown of different users and trust them to select the correct one. If you have more sensitive data, you could assign each user a passcode that only they know and have them enter it every time. You can see the latter demonstrated in these sample forms shared for the Collect offline Entities beta:
These use an entity list to manage enumerators and their PINs. You could also use a CSV.
If users have devices older than Android 12 and have the Files app, they could view the full entity list as a CSV. If your data is highly sensitive, we recommend making sure as few apps as possible are installed on devices and preventing app downloads.
1 Like
Interesting solutions. However, I am a bit afraid that once enumerators are in the field, they forget their password. Secondly, it can be annoying having to enter user and password details for every form submission:-)
I now solved it (not water proof) by using the user_name as a filter for the entities. By doing so, the enumerator only has to set ONE time their user_name (thus creating the filter for the entities). This requires that the username has to contain a set of matching characters (for example "BOL - Bolivia - name enumerator") which is then cleaned (using regex) and used as input for the filter (e.g. "Bolivia", showing only entities from Bolivia). Not ideal, but workable for us to prevent that enumerators see all entities. Ideally, the entity filter should be linked to the app user ID. That would be water proof. I will check future developments on this. Thanks for thinking with me on this!
Sounds like a good solution!
Depending on how data collectors will get set up and on your technical capacity, you may find it helpful to set the usernames in the configuration QR codes. Here is some information on how to do so: https://docs.getodk.org/collect-import-export/#making-your-own-qr-code You could also set an admin password that way so that you lock down settings and data collectors can't change their username.
You can use last-saved to persist values between form submissions.
Some other ideas for the community consider:
- You can put the PIN on the QR code. We have a script that generates App User codes with the display name. That script could be modified to add a PIN or something else.
- You can use enumerator's location as a filter. So first, enumerators capture their location and then they only see entities within X kilometers of that location or within some boundary.
1 Like