Bubble Docs
  • Introduction
  • New? Start Here
  • What is Bubble?
  • The Glossary
  • User manual
    • Getting started
      • What is Bubble?
      • Building your first app
        • Planning features
        • Database structure
        • Design and UX
        • eCommerce and payments
          • Shopping cart
          • Checkout page
          • One-time payments
          • Subscriptions
          • Marketplace
      • Creating and managing apps
      • The Bubble editor
        • Tabs and sections
          • Design tab
            • The element tree
            • The property editor
          • Workflow tab
          • Data tab
          • Styles tab
          • Plugins tab
          • Settings tab
            • Application settings
              • Custom headers/body
              • Visual settings
              • Social media sharing
              • Translating your app
              • Email settings
              • Collaboration
            • Custom domain and DNS
          • Logs tab
        • Tools
          • Key features
          • The search tool
          • The Issue Checker
          • The element tree
          • The element property editor
          • The debugger
          • Notes
        • Previewing your app
      • Transitioning to Bubble from...
        • JavaScript
        • HTML and CSS
        • SQL
    • Design
      • Elements
        • The element hierarchy
          • The element tree
        • The page
        • Containers
          • Groups
          • Repeating groups
          • Table elements
          • Popups
          • Floating groups
          • Group focus
        • Visual elements
        • Input forms
          • Text and numbers
          • Dates and time
          • File uploads
          • Selection controls
        • Reusable Elements
      • Styling
        • Color variables
        • Font variables
        • Styles
        • Custom Fonts
      • Responsive design
        • Building responsive pages
        • Legacy articles
          • The Basics (Legacy)
          • Building Responsive Pages (Legacy)
          • Migrating Legacy Pages
          • Tips When Designing (Legacy)
      • Templates
      • The Component Library
      • Importing from Figma
    • Data
      • The database
        • Data types and fields
        • Creating, saving and deleting data
        • Finding data
        • Displaying data
        • Protecting data with privacy rules
        • The database editor
        • Export/import data
          • Exporting data
          • Importing data (CSV)
        • Working with location data
        • Using Algolia
        • Database structure by app type
          • Marketplace Apps
          • Directory & Listings Apps
          • Social Network Apps
          • SaaS Apps
          • Project Management Apps
          • CRM Apps
          • Professional Services Apps
          • On-demand Apps
          • Documentation/ CMS Apps
          • Applicant Tracking System (ATS) Apps
          • Portfolio Apps
          • Gallery Apps
          • Online Store / Ecommerce Apps
          • Blog Apps
          • Messaging App
          • Dashboards
          • Building Block Apps
          • Bubble as a backend
      • Files
      • Images
      • Static data
        • App texts (translations)
        • Option sets
      • Temporary data
        • Custom states
        • URL parameters
      • User accounts
        • Authentication plugins
          • Facebook plugin
          • Fitbit plugin
          • Google plugin
          • Instagram plugin
          • LinkedIn plugin
          • Pinterest plugin
          • Slack plugin
          • Wistia plugin
          • YouTube plugin
        • Cookies set by Bubble
      • Time, dates and time zones
    • Logic
      • The frontend and backend
      • Workflows
        • Events
          • Frontend events
            • Recurring workflows
            • Custom events
          • Backend events
            • Database trigger events
        • Actions
        • API Workflows
      • Dynamic expressions
      • Conditions
      • Navigation
        • Single-page applications (SPA)
        • Multi-page applications
        • Page slugs
    • Workload
      • Understanding workload
        • Activity types
        • The workload calculation
        • Client-side and server-side processing
      • Tracking workload
        • Measuring
          • Using App Metrics
        • Monitoring
          • Workload notifications
          • Infinite recursion protection
      • Optimizing workload
        • Optimization framework
        • Optimization checklist
          • Page load
          • Searches
          • Workflows and actions
          • Backend workflows
        • Agency showcases
          • Minimum Studio
          • Neam
          • Support Dept
    • Security
      • Bubble's security features
      • Planning app security
      • Client-side and server-side
      • Bubble account security
      • App security
      • Page security
      • Database security
      • API security
        • API Connector security
        • Data API security
        • Workflow API security
      • Flusk
        • Overview
        • Flusk plan features
        • Getting started with Flusk
        • Flusk security tools
          • The Issues Explorer
          • Issue details
          • Tools and settings
            • Pages rating
            • Database rating
        • Flusk FAQ
      • Cookies
      • Security checklist
    • Publishing your app
      • Web app
      • Native mobile app
        • Global native mobile settings
        • iOS App Store
        • Google Play Store
        • Publishing FAQ
    • AI
      • Generate apps with AI
        • About AI app generation
      • AI page designer
      • Connect to AI agents
    • Maintenance
      • Collaborators
      • Version control
        • Best practices: Version control
        • Transitioning from the legacy version control
        • Terminology: Version control
        • Version Control (legacy)
      • Commenting
      • Database maintenance
        • Copying the database
        • Restoring database backups
        • Bulk operations
          • Bulk operation methods compared
        • Wiping change history
      • Performance
        • Hard limits
        • Capacity Usage (legacy)
        • Notes on queries
      • SEO
        • Introduction to SEO
        • SEO: App
        • SEO: Page
      • Testing and debugging
        • Introduction to testing and debugging
        • The debugger
        • The server logs
        • Supported browsers
      • API workflow scheduler
    • Integrations
      • API
        • Introduction to APIs
          • What is a RESTful API?
        • The Bubble API
          • Bubble API terminology
          • Authentication
            • How to authenticate
            • No authentication
            • As a User
            • As an admin
          • The Data API
            • Data API Privacy Rules
            • Data API endpoints
            • Data API requests
          • The Workflow API
            • Workflow API privacy rules
            • Workflow API endpoints
            • API workflows
              • Creating API workflows
              • Scheduling API workflows
              • Recursive API workflows
              • API Workflow Scheduler
              • Case: Stripe notifications
        • The API Connector
          • Authentication
          • API Connector security
          • API guides
            • OpenAI
              • Authentication
              • Calls
                • ChatGPT
                  • Chat
            • Google Translate
              • How to setup Google API keys
          • Streaming API
        • API security
        • Plugins that connect to APIs
        • API Glossary
      • Plugins
        • What Plugins Can Do
        • Installing and using Plugins
        • Authentication plugins
        • Special Plugins
      • SQL Database Connector
      • Bubble App Connector
      • WorkOS
        • WorkOS SSO
        • WorkOS API
    • Infrastructure
      • Sub-apps
      • Bubble release tiers
      • Hosting and scaling
        • How Bubble hosting works
        • Scaling with Bubble
        • CDN (Cloudflare)
        • Bubble app names
        • Domain and DNS
      • Compliance
        • GDPR
        • SOC 2 Type II
        • HIPAA
        • Other frameworks and standards
    • Bubble for Enterprise
      • Hosting and infrastructure
        • Dedicated instance
          • The Dedicated editor experience
          • Technical specs
          • Main cluster dependencies
          • Customizable options
          • Migration process
            • Pre-migration
            • During migration
            • Post-migration
      • Security and compliance
        • Single sign-on (SSO)
        • GDPR
        • SOC 2 Type II
        • HIPAA
        • Other frameworks
        • Bubble's security features
      • Admin and collaboration
      • Priority support
      • Billing and Payment Guideline for Dedicated Instances
  • Core Reference
    • Using the core reference
    • Bubble's Interface
      • Design tab
      • Design tab (Legacy)
      • Workflow tab
      • Data tab
      • Styles tab
      • Styles tab (Legacy)
      • Plugins tab
      • Settings tab
      • Logs tab
      • Template tab
      • Toolbar
      • Top and context menu options
      • Deployment and version control
        • Deployment & Version Control Dropdown (legacy)
      • Notes
    • Elements
      • General properties
      • General properties (Legacy)
      • Styling properties
      • Styling Properties (Legacy)
      • Responsive Properties
      • Responsive Properties (Legacy)
      • Conditional formatting
      • States
      • Page Element
        • Page Element (Legacy)
      • Visual Elements
      • Containers
      • Container Layout Types
      • Containers (Legacy)
      • Input Forms
      • Reusable Elements
      • Element Templates (legacy)
    • Workflows
    • Events
      • General events
      • Element events
      • Custom events
      • Recurring event
      • Database trigger event
    • Actions
      • Account
      • Navigation
      • Data (things)
      • Email
      • Element
      • Custom
    • Data
      • Data Sources
      • Operators and comparisons
      • Search
      • Privacy
    • Styles
    • API
      • The Bubble API
        • The Data API
          • Authentication
          • Data API endpoints
          • Data API requests
        • The Workflow API
      • The API Connector
        • Authentication
        • Adding calls
    • Bubble-made Plugins
      • AddtoAny Share Buttons
      • Airtable
      • API Connector
      • Blockspring
      • Box
      • Braintree
      • Bubble App Connector
      • Chart.js
      • Circle Music Player
      • Draggable Elements
      • Dropzone
      • Facebook
      • Fitbit
      • Full Calendar
      • Google
      • Google Analytics
      • Google Optimize
      • Google Places
      • Ionic Elements
      • iTunes
      • Slidebar Menu
      • LinkedIn
      • Localize Translation
      • Mixpanel
      • Mouse & Keyboard Interactions
      • Multiselect Dropdown
      • Progress Bar
      • Rich Text Editor
      • Rich Text Editor (Legacy)
      • Screenshotlayer
      • SelectPDF
      • Slack
      • Segment
      • Slick Slideshow
      • SQL Database Connector
      • Star Rating
      • Stripe
      • Tinder-like Element
      • Twitter
      • YouTube
      • Zapier
    • Application Settings
      • App plan
      • General
      • Domain / email
      • Languages
      • SEO / metatags
      • API
      • Collaboration
      • Sub-apps
      • Versions
  • Account & Marketplace
    • Account and billing
      • Pricing and plans
        • Plans and billing
        • Billing cycle
        • FAQ: Pricing and Workload
      • Account Management
      • Building Apps for Others
      • Selling on the Marketplace
      • Plans & Billing (legacy)
    • Official Bubble Certification
      • Hiring certified developers
    • Building Plugins
      • The Plugin Editor
      • General Settings
      • Updating to Plugin API v4
      • Adding API Connections
      • Building Elements
      • Building Actions
      • Loading Data
      • Publishing and versioning
      • Github Integration
    • Building Templates
    • Application and data ownership
    • Marketplace policies
    • Bug reports
  • Vulnerability Disclosure Policy
  • Beta features
    • About the Beta features section
    • Native mobile apps 🔒
      • Introduction
        • What is a native mobile app?
        • Native mobile vs. web development
        • Differences in native and web elements
        • Native mobile app terminology
      • Building
        • Views and navigation
        • Native mobile actions
        • Components and gestures
        • Device resources
          • Location services
          • Camera/photo library
      • Previewing
      • Publishing
Powered by GitBook
On this page
  • Data types recommended
  • User
  • Product
  • Shopping cart
  • Cart item
  • Option sets recommended
  • Fulfillment status
  • Additional notes
  • About Amlie Solutions and Petter Amlie
  • Other ways to learn

Was this helpful?

  1. User manual
  2. Data
  3. The database
  4. Database structure by app type

Online Store / Ecommerce Apps

By Petter Amlie, Amlie Solutions

Various members of the Bubble ecosystem contributed these use case-oriented database guides. There's always more than one way to do something in Bubble, but the advice here can help you get started if you're new to Bubble!

In this guide we’re building an online store, similar to something like Amazon or Shopify: a place where Users can add Products or Services to a Shopping Cart and go through a checkout process where they pay for the items.

For an eCommerce store, no matter what you are selling, there will be a mix of public and private data. For example, Products need to be public, because Users must be able to search for them and add them to their Cart. But a User’s shopping history must only be visible to that User, and to the employees who are fulfilling the order. For this, we’ll use Privacy Rules, and you’ll see that you have full control over who can see what in your application.

We’ll also take into account that you need to retain some historical records at the time of purchase. This is to make sure that Products that may change over time (such as the price being adjusted) does not affect past purchases.

Data types recommended

There will be four major Data Types involved in our online store. The User is of course built into Bubble already, but we’re making some key changes to them to make sure we can separate different types of Users from each other. The second is the Product. This one is a public data type that people can search for and review its details before adding it to our third data type: the cart. The cart is the container that holds Products while the User is shopping, and it allows the User to pay for all items at the same time, as well as maintaining the Users purchase history by showing each Cart as a separate order.

Finally, we’re setting up a Cart item Data Type. We use this item to store information after the purchase has been made to make sure we know what each item cost and how it was described at the time of purchase.

Let’s have a look at the details.

User

Your app will of course consist of Users. In our case, there will be two types of Users that we need to think about:

  • Regular Users (users who have registered an account in your application)

  • Admins Users (users who have access to your application's back-end to fulfill orders)

Suggested fields on this type

  • Name - text

  • Phone number - text (if relevant to your app)

  • Shopping cart - Shopping cart: This field will be used to store the currently active Shopping cart that the User can add Products to

  • Admin - yes/no: This field will be used to determine whether the User is an administrator or not. You can set this field’s default value to “no”

Privacy rules for this data type

In most online stores, we do not want Users to be able to see each other’s cart and we also want to keep it hidden that a User is registered at all, except to the User themselves and Administrators.

Our first rule will let Users see and edit their own information:

If this User is Current User, this User can:

  • View all fields: yes

  • Find this in searches: yes

  • View attached files: yes

  • Allow auto-binding:

  • Name: Yes

  • Phone number: Yes

  • Cart: No

  • Admin: No

As you can see, Users can now edit all their own information except for a few key fields: The Admin field (since otherwise that would make any User able to set themselves up as an administrator) and the Cart field (since the platform needs to be programmatically in control of that field as the User navigates the shopping process).

Ok, so the User is all set up to handle their own info. As we discussed, we also need a kind of Administrator User that maintains the platform and fulfills orders. We set up the admin field to handle separate those Users, so let’s set up the Privacy Rule as following:

If Current User’s admin is yes, this User can:

  • View all fields: yes

  • Find this in searches: yes

  • View attached files: yes

  • Allow auto-binding: yes

With this rule, we’ve made sure that admin Users can find, see and edit all information on all Users, and even assign the Admin role.

Finally, the most important rule is the one that dictates what every User not covered by the previous rules can see and do. In our case, we want to restrict their access.

Everyone else:

  • View all fields: no

  • Find this in searches: no

  • View attached files: no

  • Allow auto-binding: no

Product

As your Users navigate your Online Store, they’ll need to be able to find and view Products. You can of course add as many details to this Data Type as you need. For this example, we’ll set up just a simple product with a name, image, price and a short description.

To illustrate how you can use Privacy Rules to hide only specific fields on a database Thing, we’ll also add a field called Profit margin. This is a field that should be available to Administrators, but it should be invisible to everyone else. You may not need this in your app, but we’ll set it up just to learn how it’s done.

Suggested fields on this type

  • Name - text: the name of the Product, such as “Coffee mug”

  • Image - image

  • Price - number

  • Description - text

  • Profit margin - number

Privacy rules for this data type

First, we need to make sure that Users can see all the Products - if not, it wouldn’t be much of a shopping experience! But keep in mind what we discussed earlier: we don’t want the Users to be able to see the Profit margin unless they are an admin. Also, regular Users should not be able to edit the Products in any way.

We don’t actually need to set up a specific field for Users that are not admins, since in this case, we’ll cover that with the everyone else rule. First, we’ll set up the admin, and then everyone else. Admins should be able to find and edit all Products, and they also have access to the Profit margin field:

If this User’s admin is yes, this User can:

  • View all fields: no

  • Name: Yes

  • Image: Yes

  • Price: Yes

  • Description: Yes

  • Profit margin: Yes

  • Find this in searches: yes

  • View attached files: yes

  • Allow auto-binding: Yes

  • Name: Yes

  • Image: Yes

  • Price: Yes

  • Description: Yes

  • Profit margin: Yes

Everyone else:

  • View all fields: no

  • Name: Yes

  • Image: Yes

  • Price: Yes

  • Description: Yes

  • Profit margin: no

  • Find this in searches: yes

  • View attached files: yes

  • Allow auto-binding: No

Shopping cart

This is the container that we’ll use to store every Product that the User adds to it both before the purchase is made and after.

Suggested fields on this type

  • Products - list of Products: Make sure to check the “This field is a list” on this field to make sure it can contain more than one Product

  • Total cost - Number: This is where we’ll store the total amount for all Products in the cart

  • Cart items - list of Cart items: Make sure to check the “This field is a list” on this field to make sure it can contain more than one Cart item

  • Fulfillment status - Fulfillment status (option set): This field is used internally to determine how the order is moving in the system. You can set the default value for this to “Received” (see notes on the Option Set further down)

Privacy rules for this data type

Like the User itself, the Cart is a very private field: no one except for the customer and the staff managing your app should be able to see it. First, we’ll set it up so that the User can see their own Cart. We’ll use the built-in Created by field for this. There are no fields that are auto-bound on the Shopping cart, since we’ll be relying on Workflows to add and remove items.

If this Shopping Cart’s Created by is Current User, this User can:

  • View all fields: Yes

  • Find this in searches: yes

  • View attached files: yes

  • Allow auto-binding: No

Now for the admins that fulfill the order:

If Current User’s admin is yes, this User can:

  • View all fields: Yes

  • Find this in searches: yes

  • View attached files: yes

  • Allow auto-binding: yes

  • Fulfillment status: yes

  • Total cost: No

  • Products: No

  • Cart items: Yes

As you can see, not all fields are editable, even by an admin. As the total cost is calculated based on the Products inside, we don’t want anyone to be able to edit it directly.

Now again, for the most important rule: what everyone else can see:

Everyone else:

  • View all fields: no

  • Find this in searches: no

  • View attached files: no

  • Allow auto-binding: no

Cart item

The Cart Item is basically a clone of the Product at the time of purchase. This lets us store a permanent record of what the item cost and how it was described when it was bought, so that we can make changes to a Product without it affecting already completed carts.

Suggested fields on this type

  • Shopping cart - Shopping cart: The Shopping cart to which the cart item belongs.

  • Product - Product: First, we’ll link to the original Product

  • Price - number: This number we’ll copy from the original Product when the User checks out

  • Name - text

  • Description - text

Privacy rules for this data type

The Cart items should behave just like the Cart its in: visible to Users and Admins, and invisible to everyone else.

If this Cart Item’s Created by is Current User, this User can:

  • View all fields: Yes

  • Find this in searches: yes

  • View attached files: yes

  • Allow auto-binding: No

Now for the admins that fulfill the order:

If Current User’s admin is yes, this User can:

  • View all fields: Yes

  • Find this in searches: yes

  • View attached files: yes

  • Allow auto-binding: no

Keep in mind that we may allow Admins to delete items in the Cart, but for that we’ll rely on workflows - not auto-binding. That’s why we keep auto-bind disabled for now.

Option sets recommended

Fulfillment status

  • Received

  • Processing

  • Sent

This Option Set is used to determine where in the system the order currently is, so that you can see which orders have been fulfilled or not. You can of course rename or add as many options as you see fit for your business.

Additional notes

Keep in mind for this guide that it takes a very general approach to Shopping Carts: you may have entirely different needs depending on whether you are selling t-shirts, takeaway food or hotel stays: but the principle remains the same. You need a cart for the User to organize whatever they are buying, and you need to maintain some historical data for what exactly they bought. You are of course free to use the guide as a basis for your own system and add whichever fields you think makes sense. But keep in mind that privacy is key, and that Privacy Rules are the only way to truly keep data secure.

About Amlie Solutions and Petter Amlie

Other ways to learn

Articles
Core reference:
External documentation

Last updated 1 year ago

Was this helpful?

This guide is written by Petter Amlie. Petter is the founder of , a no-code expert, public speaker and author of two books on and . You can find a growing number of free guides, video courses and in-depth articles on his website.

- this article series covers different ways in which you can monetize your app and use Stripe to collect payments

- list of all Stripe plugin features

Amlie Solutions
Bubble: The Ultimate Guide to Bubble Performance
The Ultimate Guide to Bubble Security
eCommerce and payments
Stripe plugin
Stripe Docs
How Stripe Checkout works
Stripe Checkout demo