Appearance vs. security
Visibility conditions, hidden tabs, and removed components are not security features—they are merely changes that impact how different users see your app. Do not rely on these changes for your app's security.
When you use visibility conditions or design a screen to show some data but not other data, your app still downloads all the data available to it for the corresponding sheet, even if users can't see it. It is relatively straightforward for someone to inspect this data with common tools such as your browser's developer console, so you shouldn't rely on hiding information to keep it secure.
Use visibility conditions to customize the display of data that all users should be able to access. For example, use filtering to create a Managers tab in an employee directory, since the manager profiles are already accessible to all employees in the main directory.
Use visibility conditions together with security features such as Row Owners to securely control what data users can access, and how the data is displayed.
In the app below we have two Text and Image components each which are visible or hidden depending on their status. The data here is not private, it's purely informational, so it's safe to use conditional visibility.
In an Employee Directory, there is a tab called 'Managers'. This tab uses a filter to show only employees where the
Is Manager Label column is Manager.
In this case, it's ok to use the filter condition as we're already displaying the filtered out information (employees) elsewhere in our app.
The app below shows a component with each employee's social security number on it. It's using conditional visibility to only show this component when the user who's logged in is an admin.
This is not a secure way of displaying data to admins as the social security number will still be downloaded by the app, even when it's not visible on the screen.
The app below has a tab for Employee Feedback which contains private submissions from employees to management. You can see that there's a Tab Visibility condition to only show this tab when the user who's logged in is a manager.
This is not a secure way of displaying data to managers as the data in this tab will still be downloaded by the app, even if it's not visible to users other than managers.
The Employee Directory below has a table with private information in it without Row Owners applied.
There's a new tab with a Details layout and filtered that tab to only show items where the email column matches the signed-in user's email. This will show the user the data from only their Row.
However, this is not a secure way of displaying a user their private profile information. Even though they can't see other users' profiles, the other user rows are still downloaded.