As a company that hosts EnergyCAP for our clients we capture each of tje clients buildings, meters, etc. and then provide user roles for them to view their data.
We do not want to client A to see client B's data, or clients B seeing client A's data.
In version 3 under groups and benching I checked a box that said hide group members that are outside of user's topmost group. that check prevented our clients to only see their data.
in version 7 when I log into ECAP as the client they only see their data. However when I open up a new tab and log in using my log in, and flip back to the clients view, ALL the clients are showing up. in other words, client A is now seeing client B's data.
How can I prevent this from occurring?
What you're experiencing is an aspect of EnergyCAP 7's web cookie-based authentication. When you log in with EnergyCAP 7 with a given URL like https://app.energycap.com, then you get a "cookie" containing authorization for that URL. The cookie is for a given user and datasource for that URL. Cookies are shared among browser tabs, so if you don't log out of the old tab but open a new tab and log in again, then the cookie is REPLACED with the new login, so if you refresh the old tab, it will suddenly show data from the most recent login.
As you discovered, this can be worked around by using different browsers, and it can also be worked around by using Google Chrome's "incognito mode". Then you can have as many separate "incognito" windows using the same URL but different logins.
Finally, you asked about the "hide group members outside user's topmost" option for Building and Meter Groups. It's located in the Create or Edit Group screen:
I discovered that if I use different browsers than the issue doesn't occur.
But does anyone know where the check hide group member feature is?