Role Based Permissions?

It would be really useful to control what records somebody is able to view & edit based on a role. I am building an event management portal where I would like for the majority of my team to be able to see all records, while others to be able to only be able to view certain records. Right now, it seems like I would have to manage permissions through Airtable automations to link records to whoever should be able to access them, and limit record viewing to records you are linked to (rather than the very easy to use view all records option). That is doable, but it’d be nice to have the feature in Miniextensions.

As for editing permissions - I would like certain users to be able to edit certain fields based on their role. As of right now, it seems like fields are either read only or not, for anybody who can access them.

Hi @sproutbeats. Thank you for sharing your feedback with us. I have taken note of your request and created a ticket to implement a separate backend filter that can compare values between the User Table and the Linked Records field Table. Our team will review this request and assess its feasibility. Rest assured that we will keep you updated on any progress or developments through this channel.

Thanks Paulo!

A potentially easier setup would be limiting access to an entire portal based on a property.

For example:
I have a table called “Team Members”. I also have an Event Management portal that allows a Team Member to view our event calendar, create new events, and modify existing events. Not all team members should be able to view/modify all events, but a subset of them should.

Right now, my event management portal, in order to work the way I want it to, allows all users with access the ability to view all events and modify any properties that are not read-only. However, every single team member is able to access this portal because there does not seem to be a way to restrict access.

If I had a property on the team members which was a multiple select called “Permissions”, and had a permission called “Can Access Events Portal”, being able to conditionally set that up as a requirement to access the portal, and reject a user on login if they do not have the permission, would be beautiful.

I could then theoretically have a different version of the portal for each permission level. It would be a bit of a pain needing to replicate logic in multiple portals where behavior should be the same, but it would be better than the current state.

Absolutely would be better to be able to let all users into a portal, and be able to restrict access to certain things inside more granularly… That would save me from needing to replicate multiple portals. Levels of granularity that I’d love to see, from top to bottom:

1. Access to certain Tables
2. Access to certain views within a Table
3. View, Edit, Create, and Delete permissions for records inside a Table
4. View and Edit permissions for a specific Property inside of a Form

The more I think about it the more I see that this is quite a big change, and would probably take some significant infrastructural changes. But it would be immensely useful and create so much more flexibility with these portals.

If there’s any other way to accomplish some of what I’m trying to do with the current feature set that I am not aware of, please let me know!

Yes I was thinking about this too. Saves the trouble of creating another portal instance just to manage just for read/write access/view permissions.

I have also commented on the idea of a logged in user being able to view a custom view conditionally.

But I guess this might be a more holistic - long term solution if we can have separate backend filter that can compare values between the User Table and the Linked Records/Views/Forms to setup such read/write permission. as Paulo mentioned. Though I am not sure how much of work. but its definitely a very nice to have

Hi @sproutbeats and @JamieZ. Thank you for providing this valuable information. I have documented it in the ticket that I created for your request. We will keep you informed of any updates or progress through this communication channel. If you have any further questions or concerns, please don’t hesitate to let us know. Thank you for your feedback!