Base tables & fields "seeing" permissions

The same way you have done the “Field & table editing permissions”, It would be really usefull to add the viewing permission.

Example :

In my Budgetting Base ; I want all users to see and add their record in the “Expenses table” but I don’t want all of them to see the “Income table”

In my HR Base in Hirering Candidate Table ; I want all my managers to see all informations such as the CV, refeence letter, introduction message and modify good points , bad points, comments… but I don’t want them to see the “proposed salary” and “personal phone number”

3 Likes

+1 Totally agree with this! We need the ability to modify “viewing” privileges in addition to “editing” privileges.

Even if it was only available to us on a field-by-field basis, that would be fine too.

Or — the ability to create different views that only certain users could access. Currently, we can only lock the CONFIGURATION of the views — but we can’t lock which users can VIEW those views.

3 Likes

+1 Exactly the same issue we are facing now. We want to hide specific columns & Tables within Base, but still cant’t do it.

Restricting Table level & View level permissions will be helpful.

1 Like

+1 on this idea for us. In my case, I’ve painted myself into a corner because the only way to give someone edit permissions is to make them an owner (or whatever) which lets them view all the tables, which is not something we can do. Because we are “all in” on AirTable, we have sensitive information in various tables. I’d like to be able to share the admissions table, for instance, with our admissions committee, and let them (or the committee chair, at least) be able to actually update it. Right now, I sent them a share link, which is awesome, but they have to then email me any edits. Similarly, we use a share link for a community directory, which is so great, but since I’m the only one with editing permissions, I’m not able to delegate that to anyone else. I don’t want someone who is just making directory updates to also be able to see admissions interview notes, security incidents, etc., even if they can’t edit it.

I imagine this is a tough nut to crack. I work for a school CRM company and the question of permissions looms very large. I think that AirTable adding full (read, add, update) table-specific permissions would really take it to the next level. Till something like that comes along, the benefits of a single database outweigh the inconvenience of not having very many people being able to actually update data, but it would really be nice.

Some possible solutions:

  • Create the ability to add custom permissions. Each permission offers read/write access to particular tables (possibly even specific fields within tables), and then I can assign people to those permissions. Example: I’d create a permission called “Admissions,” and give that role the ability to view, edit, and insert data into the Admissions table. When logging into AirTable, someone with that role would only see the Admissions table, nothing else.
  • Add a “Write Permission” toggle to the share links so I can create table-specific links to send to people in different areas that they can not only view but also update.

Totally agree. It actually gets worse than what you’ve outlined, because all collaborators (even read-only collaborators) are allowed to duplicate your entire base for themselves into their own private workspace, are allowed to export all records for themselves onto their desktop, and are even allowed to see all of your private API keys in your Airtable blocks!

The moral of the story is: Airtable has no security at all when it comes to collaborators. Period. If someone is a collaborator, they have access to see everything in your base and they can do anything they want with your data. They can even use your private API keys for external services such as SendGrid or Google Maps. There is no security in Airtable when it comes to collaborators.

However, the absolutely fantastic news is that we have the absolutely amazing tool Stacker, which adds on 100% of the security features that anyone could ever dream of with their Airtable base. For any serious business which really wants to use Airtable, Stacker is pretty much a requirement.

If anyone needs help setting up their Stacker or their Airtable base, feel free to send me a private message. I am an expert Airtable developer, and I help businesses perfectly customize Airtable and Stacker for their needs, along with helping them automate & integrate their Airtable base with external apps.