Field level permissions

The ability to adjust permissions at the field level would be great. It would avoid having to do workarounds such as relying on secondary private apps that pull from an existing public app.

Main use case is multi-team work on the same app. Suppose we have a Proposals app, a group for Marketing, and a group for Program. And suppose users in the Program group are privy to certain information that either can’t be shared with users in Marketing, or can only be made visible to Marketing.

  • Field 1 - text field - both groups can edit
  • Field 2 - multi-line text field - both groups can edit
  • Field 3 - text field - visible to Marketing, only editable by Program
  • Field 4 - text field - not visible to Marketing, editable by Program

Today, this would require two apps - the original Proposals app and a secondary Program Feedback app that has a relationship field back to Proposals. Both groups have access to the former, only the Program group has access to the latter. The fields would be setup like so:

Proposals app

  • Field 1 - text field
  • Field 2 - multi-line text field
  • Field 3 - calculation field that pulls content from Program Feedback’s Field 5

Program Feedback app

  • Field 4 - relationship field to Proposals app
  • Field 5 - text field
  • Field 6 - text field
  • (perhaps a Field 7 that is a calculation field making other data from the Proposals app such as Field 1 and Field 2 visible within the Program Feedback app)

An ideal setup would be a single app containing all the fields, and a Share option in the Edit Field dialog box similar to the Share option for apps and workspaces.

  • Fields 1 and 2 - text field and multi-line text field
    • Group: Marketing - can edit
    • Group: Programs - can edit
  • Field 3 - text field
    • Group: Marketing - can view
    • Group: Programs - can edit
  • Field 4 - text field
    • Group: Marketing - no access
    • Group: Programs - can edit

Other use cases:

  1. An Incidents app visible to both a Management group and a HR group, with certain internal notes fields only visible to the HR group.

  2. A Contracts app visible to all users and a Legal group, with certain fields regarding legal negotiation only visible to the Legal group.

  3. A Business Travel app visible to all users and a Finance group, with certain fields that capture total spend for trips visible only to the Finance group.

Thank you for posting this and I agree that this is everything. This is the one big nugget that no low code solution has been able to crack so far.

I think the most complicated piece here would how you define roles. You say Marketing and Programs but those are your terms, so they would need to build user interfaces that let you create roles, let you assign users to roles, and then make those roles available within the field configuration interface. I think this is one of the main reasons that it’s such a heavy lift.

Another addition to this would be an @mention of roles, so you can leave comments on the item, but if there’s a role @mentioned, only those in the role could see the comment. Just another thought I’d add!

3 Likes

Agreed that this is the one feature that I haven’t seen well implemented in this space. Or if it is well implemented, then the platform is missing some other crucial feature(s).

On roles, I was thinking the existing ‘Groups’ mechanic could serve that function: Manage members, admins, guests & groups | Tape Help Center

4 Likes

You could say that none of the team about which you knew then had figured this out.
We can talk about how such permissions are designed by other teams.

1 Like