Hierarchical access (differential access) to selected entities dataset based on a staff location and position

1. What is the issue? Please be detailed.
I have a workflow situation where only selected data can be made available to a user based on his/her location and position.
For example, there are Farmer Facilitators > area manager > country team.

We use a farmer registration form to generate an entities dataset on farmers. This data is generated by Farmer Facilitators (FF).

Later, each FF needs to add additional information about farmer trainings etc. We want an FF to be able to fetch only their relevant farmers, and they must not have access to other farmers (added by other FFs in other regions).

On the other hand, while using Central, an area manager or country team person should have access to their designated regions.

This concept of hierarchical access or differential access is available in CommCare.

One possible solution is to generate multiple projects and assign them to each area manager. The drawback to this approach is its scalability. We have more than 100 areas and it's not an efficient solution.

Can someone please advise me on what can be the suitable workflow to accommodate this need?

Apologies for letting this question fall through the cracks. I believe we've touched on this concept in other threads and conversations but want to come back to this thread for completeness.

Currently, there is no built-in way to do this kind of differential access or segmenting. As you describe, you could create one project per area with a copy of the same form and an entity list. What some organizations do is use the API to create the form, entity list, and App User access assignment. I'm happy to describe this in more detail if it's helpful.

It sounds like you're dealing with personally-identifiable data and need to limit data access on the server so the alternative I'm about to describe is likely not a viable option. For completeness, though, I want to mention that when the data is less sensitive you can use choice filters in the form to filter the data. That doesn't address access on the server side but can be sufficient for some cases. To add some friction (but not foolproof security), projects can use ideas from this thread.

We believe we'll be tackling these issues in Central starting this summer and it's an active area of user research for us. If others have similar needs, I encourage you to describe your workflow and segmenting needs similar to how @Syed_Muhammad_Qadeer has done here. In particular, are your needs also based on geography? Do you also have managers who need to access only one geographic area's data?
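A sketch of the one-project-per-area provisioning described in the reply above, added here as an example; it is not code from the thread or from ODK. The endpoint paths follow the Central REST API as I understand it and should be checked against your server's API documentation; `RecordingClient`, `provision_area`, `provision_all`, the project naming and the `farmers` list name are all assumptions made for illustration.

```python
class RecordingClient:
    """Constructed offline stand-in for an authenticated HTTP session to Central.
    It records each POST path and returns made-up ids so the flow can be traced."""
    def __init__(self):
        self.calls, self._next_id = [], 100

    def post(self, path, json=None, data=None, headers=None):
        self.calls.append(path)
        self._next_id += 1
        return {"id": self._next_id}


def provision_area(client, area, form_xml, xml_form_id, entity_list):
    """Create one isolated project for `area` and return the ids that were created."""
    project = client.post("/v1/projects", json={"name": f"Farmers - {area}"})
    base = f"/v1/projects/{project['id']}"
    # The entity list lives inside the project, so its farmers stay in this area.
    client.post(f"{base}/datasets", json={"name": entity_list})
    # Same form definition in every project, published immediately.
    client.post(f"{base}/forms?publish=true", data=form_xml,
                headers={"Content-Type": "application/xml"})
    app_user = client.post(f"{base}/app-users", json={"displayName": f"FF {area}"})
    # Grant the App User access to this project's copy of the form only.
    client.post(f"{base}/forms/{xml_form_id}/assignments/app-user/{app_user['id']}")
    return {"area": area, "project": project["id"], "app_user": app_user["id"]}


def provision_all(client, areas, form_xml, xml_form_id, entity_list="farmers"):
    """Provision every area, refusing blank or duplicate names so that two
    areas can never end up sharing a project (and therefore an entity list)."""
    seen, created = set(), []
    for area in areas:
        key = area.strip().lower()
        if not key or key in seen:
            raise ValueError(f"blank or duplicate area name: {area!r}")
        seen.add(key)
        created.append(
            provision_area(client, area.strip(), form_xml, xml_form_id, entity_list))
    return created
```

Against a real server, `client` would be a thin wrapper that sends these requests with an administrator's session token and returns the parsed JSON response.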