If the permissions could be separated, that would mean you could set the permissions for what records the user role would have access to, but not have to specify the fields, ie all fields should be accessible, if the user has access to that specific record.
This is the behaviour by default right - is there a reason you don’t want that?
Sorry I realize that my message wasn’t very clear. Let me try and clarify.
Currently, we have 4 user roles. Those 4 user roles, for each table, have different permissions for the records they have access to set by specific conditions of fields. That is great and working.
My feature request is to separate the permissions for records that roles have access to and the individual fields.
In other words, separate the conditional records a user has access to and the fields.
To clarify, this would be an optional or inherited permission.
For what it’s worth you can make people inherit permissions, but it might not suit your use-case.
So if you want to setup a rule which gives all 4 roles access to records with a filter applied, and no fields.
Then setup another rule for only one of those roles which no filter, but gives access to some fields.
Then the user with the 2nd role, will have a filter applied, and access to only the fields in the 2nd rule.
If that makes sense…
But I see what you’re asking for
Interesting you say that. We’ve seen some complications regarding multiple permissions on the same role and what gets overridden etc. Could you perhaps do a demo example of how exactly permissions get inherited? Is it possible to easily reorder the order of inheritance?
There is no order actually
- All filters are merged
- If any permission rule gives access to a field, then access is given
So you should start with least access, if it makes sense to
Got it. I’ll play around.