Viewable but Restricted
A
Amanda Bullock
I would like some kind of permission default for tables where the role can VIEW all records, but the default is to DENY VIEWING all fields besides the title. Then we can manually allow permissions by field that we want everyone to be able to access. That way when we add a new field, we know the default is that it's not viewable to that role.
For example as to why I want this - We have records for all of our employees with all sorts of information. Some of it would be fine for everyone employee to see, while some of it would not be. As such, we allow the Everyone role to only be an assignee, so they can only see their personal record. The number of fields we have on this table is very high, meaning if we allowed Everyone to view the whole table, we'd have to manually restrict numerous, numerous fields. Additionally, we'd have to remember to manually restrict any new fields that we add.
The reason this is a problem is because they cannot see other team member records at all, they can't see those public fields & I cannot use the Record Selector and Record Detail widgets in a Dashboard view to create an Employee Directory for everyone because of the permission issues.
Jon Darbyshire
Great to hear your perspective, Amanda Bullock! I have a few more questions for you:
- Can you provide examples of the types of fields you would like to be viewable by default and those you would prefer to be restricted?
- Are there any specific roles, other than 'Everyone', that you would like to have different levels of access to the records?
- Would you find it useful to have a feature that allows you to set default permissions for new fields added to a table?
A
Amanda Bullock
Jon Darbyshire
1) I think all field types would be great, we utilize a large variety of 'types' that we would want restricted. We use multi-select, text, linked records, formulas, as some generic examples, but we use many more than this.
2) Yes - we utilize several different roles for this table and all of our tables/solutions. I'll add a screenshot of our current permissions below. Basically, how we have it set up right now anyone who shouldn't see the restricted field for other employees will be assigned their own personal record so they can view theirs and no one else's. However, the goal would be for other roles to be able to see records easily, but only the public information on the record in a manner that would be secure (ie: us not having to remember to manually restrict new fields in the future which could lead to mistakes and employees seeing information for others that they shouldn't)
3) Absolutely! That would be great. It would still take us hours to redo the permissions for this table to get it how we need it if that's the only thing implemented (and what I was hoping to avoid) but it would remove the potential for human error of others seeing information they shouldn't.
For our current table permissions so you can understand the current setup & hopefully the shortcomings of it I'll add that image below.
Another thought I had last night around this was if there was an option to set permissions by which Section the field is housed under when you open the record. I know right now, these are really just visual, but if it's possible to add functionality to those it would make our field updates much faster.