Help

This Product Ideas board is currently undergoing updates, but please continue to submit your ideas.

Advanced User Permissions

cancel
Showing results for 
Search instead for 
Did you mean: 
Jonathan_Fuller
6 - Interface Innovator
6 - Interface Innovator

Again running into issues with not having more granular control of User Permissions. Wondering if this is on the Roadmap and if so (Though I know you can’t say when) is it one of the higher priority items?

You all are awesome. Thanks!

261 Comments
J_Spitzer
5 - Automation Enthusiast
5 - Automation Enthusiast

One thing for beginning: SHARED VIEW TO EDIT !!!

nnnnneil
8 - Airtable Astronomer
8 - Airtable Astronomer

A simpler feature request is - expand on the ability to share a web view and allow users to share a grid view. In the same way as Dropbox allows you to share a folder, anyone with the link can edit.

Adnan_Ahmed
7 - App Architect
7 - App Architect

Giving my +1 for this feature. My use case is:

I want to display some records in the Gallery view to 5 of my clients. There is a separate gallery view for each of my client. Now, ideally I’d want

  • the client to give feedback via the comments section, or by editing one of the fields
  • not to mess with any of the other data, or delete any attachments i.e. have Commenter-level access
  • not be able to view any of the other tables or views (not possible as Commenter)
  • not be able to see hidden columns (not possible as Commenter)

There’s another, simpler way of looking at this: I want my client to be able to edit a view which looks identical to a read-only table view (as in, they won’t be able to see hidden columns or other tables/views), but the client can comment on it or change a specific field of my choosing.

The solutions mentioned above by other users are all great, such as view-visibility, column-locking and another access level between “Editor” and “Commenter”. Also, as Google is able to implement such granular editing for Google Docs/Sheets/Slides, and is widely used by lots of people, I don’t buy the reason that adding such levels will “confuse” Airtable’s existing users. Also, I also don’t think Airtable needs to satisfy all needs with user-level permissions, just the majority of them.

Really looking forward to this feature, as it will open up lots of collaboration opportunities with outside vendors/clients.

nnnnneil
8 - Airtable Astronomer
8 - Airtable Astronomer

Totally agree. Google Docs is a great example of how users expect this level of control which is why it is so surprising that AirTable doesn’t have it. The nature of work has changed, teams are distributed, freelance and agile. User level permissions are the way we manage security, complexity and the general experience.

Come on guys, let’s make this the next What’s New!

Adnan_Ahmed
7 - App Architect
7 - App Architect

@Katherine_Duh would be great if you guys could give us any update regarding this. Is it being worked on, or is it something you’re not focusing at the moment, anything :slightly_smiling_face:

nnnnneil
8 - Airtable Astronomer
8 - Airtable Astronomer

Actually it would be great to know what you guys are working on in general? There’s been a flurry of activity up until June :slightly_smiling_face:

shaneb
4 - Data Explorer
4 - Data Explorer

Yes, this is a barrier for us adopting Airtable more broadly. Would love to know where this is on the roadmap.

Jin_Yoo
4 - Data Explorer
4 - Data Explorer

+1
I have been trying to push towards team wide adoption of airtable, but this is the biggest blocker to get buy in from executives

Laura_Perez
4 - Data Explorer
4 - Data Explorer

Huh, don’t think they’ll continue to read this thread by now BUT, I also agree with the other users here. Understanding you want to keep Airtable simple (and that is great), a SIMPLE way to add advanced user permissions could be:

  • Adding a “Share table” option with regular permission levels like edit, read, comment
  • When you do so, it could appear a little window asking you which fields you would like to grant permission to and an option to select them all (like the notification settings on iOS or something like that :stuck_out_tongue: ). Of course, this window would only appear when you are trying to share a TABLE and not the whole base.

Capture%20-%20notifications

ari_jayy
5 - Automation Enthusiast
5 - Automation Enthusiast

Requests for more granular access permissions have been beaten to death, but I recently shared this detailed use case/request with a member of Airtable support, so I’d like to post it here, as well – both for reference and to learn whether or not the community has discovered workarounds.


USE CASE
As a short-term vacation rental company, our primary AirTable Base stores the following types of data:

PROPERTIES (Table 1)

  • Property Detail (address, footage, etc.)

RENTALS (Table 2)

  • Rental Terms
  • Net Sales
  • Net Profits
  • Sales Team Member Commissions
  • AirTable Admin Formula Fields

As for our company structure, we’re made up of multiple departments (like most companies). Each department demands specific levels of access to certain types of data (also, like most companies). For example, here are 2 departments and the level of access they each require to the data types listed above:

SALES TEAM

  • EDIT: Property Detail
  • COMMENT: Rental Terms
  • VIEW: Net Sales
  • NO ACCESS: Net Profits, Sales Commissions, AirTable Admin Formula Fields

RENTAL TEAM

  • EDIT: Rental Terms
  • COMMENT: Property Detail
  • NO ACCESS: Net Sales, Net Profits, Sales Commissions, AirTable Admin Formula Fields

PROBLEM
You may notice a similarity between the needs of the Sales Team and Rental Team: both sets of users require at least 2 permission types for data stored within the same Table. The current Airtable permission settings do not allow us to mimic this access structure.

We need granular access permission sets that can be applied “per user, per view”, as opposed to the current “per user, per base”. We’re not so much interested in restricting access to the records of our base, but more interested in restricting access to the columns/fields, and limiting which users can read and/or edit the content within these fields. It’s not enough to blanket each staff member with the binary option of “READ Everything inside the Base” or “EDIT Everything inside the Base”. There are too many nuances in between.

At the same time, “per user, per view” permissions are complicated to maintain, and perhaps too granular. Which leads me to my proposed compromise…


PATHS TO A SOLUTION
Certainly this is far easier said than done, but the most holistic, usable, and obvious solution (imo) would result from the addition of:

TEAMS

  • defined as groups of users who share identical access permissions for the data stored within a given Base
  • any given Team is unique to a single Base (i.e. the Base A “sales team” may be different than the Base B “sales team”)
  • all users must be on 1, and only 1, Team

TEAM VIEWS

  • users with EDIT permissions are now limited to creating (a) Personal Views or (b) Team Views
  • if a user creates a Team View, the access permissions for the new View will default to “VIEW” for all users on their Team, and “HIDDEN” for all other Teams (the Base Creator can later extend access to this View via the Team Panel).
  • thus, by definition, Team Views are Views which are HIDDEN from all but 1 Team
  • when sharing Team Views, login is required to access the share link (ensuring that users from other Teams cannot access); public share links are not allowed

TEAM ADMIN PANEL

  • accessed only by Base “Creators”, each Base has one “Team Panel” interface, but the settings within the panel will change respective of the “Team” that is selected from a Team dropdown (located within the panel)
  • the Team Panel lists all Views that exist within the base (regardless of which Team is selected), grouped by Table (see attached images)
  • adjacent to each View name is an access permission dropdown, which “Creators” use to assign the following access permissions to the selected Team: EDIT, VIEW, COMMENT, HIDDEN

To illustrate, here’s a very crude rendering of the Team Admin Panel:

Airtable Access Permissions - Sales.jpeg

Airtable Access Permissions - Rental.jpeg


ADDITIONAL CONSIDERATIONS

Since Views are merely groupings of “Fields”, these additions would ultimately allow a clever Base Creator to assign granular permissions on a “per user, per field” level, if they so choose.

Consider a single user, John, who has the following access:

  • VIEW access to View A
  • EDIT access to View B

These permissions are better thought of like so:

  • VIEW access to all Fields of View A
  • EDIT access to all Fields of View B

Since John’s highest level of access is EDIT, he can add new Personal or Team View to the Base. If John were to create View C, he would have all Fields of View A and View B at his disposal in creating his new View C, but his ability to EDIT field data will be limited to the Fields of View B.