I’ve been playing with the function of sharing an app with another user in a group. I think it’s a great feature, but I think a few things are amiss when it comes to sharing apps and allowing those users to interact with relationship fields.
Imagine if you will a workspace with two apps, App A and App B, and I’m a user who’s only had App A shared with them.
The share user can interact with a relationship field, but it won’t allow them to add any items (all search results are null) and even though it takes the user to a creation form for that app, any attempts to create items just do nothing, and won’t return to the previous app. The only thing the user can do is remove the value of a relation field, but then they are not capable of putting the value back.
Please see the below image. When the share user is looking at the revision history and the history items have to do with a relationship field, they can’t see anything, it looks very funny where there’s obviously something there but it’s all blank.
Perhaps this is the only way relationship fields can work, but maybe share users should just not be able to touch them in any way? That way, they can’t accidentally clear the field and then not be able to put it back?
I can see that if you try to click to a related item you don’t have access to, you get the error message. So maybe you just need to get rid of the X so users can’t remove the relationship, and disable to “add relation” link so they can’t otherwise interact with the field. Of course, it would be great if these options DID exist if the related app was indeed shared with the user.
The revision history is still weird, though. Not sure what the answer is there.
thanks a lot for your report and the detailed analysis of the issue. I’m going to recreate the problem myself, but I’m already very sure that you’re absolutely right!
We extended the permissions to app and record level about nine months ago, which presented some challenges. Now that we have permissions at record level, it’s very easy and quick to make individual records or apps accessible to just a few people. With Podio, you often had to create workspaces twice.
In our opinion, nothing is worse than a privacy leak, since even the title of a record can be a secret or contain sensitive content, we have decided to display these records in the relation field only if you have at least can edit permission on these records. However, we also know that there are use cases where it is valuable if you do not have access to the app or the records, but can search for and link them in the relation field. We will offer a setting in the relation field for this in the future.
But what you reported is definitely a bug, here we have to deactivate the create button and filter out the activities.
I will get back to you as soon as we have fixed the problem.
Thanks again for the great description of the problem
Leo
Thanks for your response. I think in Podio, the situation where the user can still see the “title” of the item (the top field or whatever the layout says) seems unavoidable and I think this would be fine. I’ve built systems where even the title might have revealed something important, and we just use automations to fill that field with something that provides no information at all (such as just the ID of the item). I personally think this would be preferable than just seeing nothing in the relationship field title, and even having this show up in the activity history would be fine too (again, just in my opinion).
