If I remove the owner role on Patents in Pipeline and IDS and PCT I cannot view these boards. Yet in other boards such as Patents, Matters, Clients, etc. the Owner role is not listed first and I can view these boards.
– Is it because I have everyone else listed? – Do I really need an everyone else, if the only people who access this are the ones I give permission to?
– When the forms come out, will I need an access that says everyone else?
Under the Patents and Pipeline, the user boss and LS does not have permission to delete, however when testing these roles, they are able to delete the row. Can you please help as to why the user role is able to delete the row?
I still need help with access rules. These 2 boards are not working correctly. I made sure they match my other access rules. I don’t understand why these two boards are not behaving correctly. The role LS and boss can delete even though they do not have access. I have restarted the system.
Access Rules apply top to bottom so user.Access in [OWNER] is required at the top to grant access to owner regardless of what the rules below it say. Because Everyone Else is restricted in the last condition, OWNER would be included in this (if the top rule didn’t exist). We always recommend including user.Access == OWNER or user.Access in [OWNER] as the first rule for every set of table rules. Then, you don’t have to worry about accidentally restricting OWNER access in another rule. Full access is already granted. We have a checkbox under Default Rules you can check to automatically add this rule as the first anytime a new set of table rules is created, just to save a few steps
Having a condition for Everyone Else, restricting access to the table is a nice precaution. That way, you know for a fact that anyone not listed specifically in the other rules will absolutely not have access. Without it, Everyone Else would be given whatever access they’ve been granted via the default rules.
I would still recommend including a rule for Everyone Else, again just because it protects your data in case you add a user that doesn’t meet one of the other criteria.
Form sharing overrides all access rules and user management in order to do its job. It also does everything needed - like, make the form publicly accessible (without having to make your document public). It also allows a public user to create records in the specified table when submitting a form. All built in! So you don’t have to worry about configuring anything there The access rules you have set would continue to restrict access as desired to those granted document access. A user submitting data via the form will only have access to submit data for the fields added to the form. They cannot see any data in your document nor can they submit data for any fields not included on the form view.
I’m not sure what is causing the issue here. Your conditions all look correct. I tested in a copy of your document and found that if you delete then re-add these table rules, then those two roles can no longer delete records, as expected. These are the steps I took:
Delete table rules for IDS and PCT and Patents in Pipeline.
Save Access rules.
Re-add table rules (and column rules) for IDS and PCT and Patents in Pipeline.
Save Access rules.
Test as user with Role == “LS” and Role == “boss”. No longer able to delete records.
Thank you for the information. I copied your wording and made a note of it, so I can reference this if I have problems with the access rules. I also updated all the rules to include the owner and everyone else. I did as you requested, and it does work properly now.
The access rules you have set would continue to restrict access as desired to those granted document access. A user submitting data via the form will only have access to submit data for the fields added to the form. They cannot see any data in your document nor can they submit data for any fields not included on the form view.