Hi,
I have screen which is connected to categories defining which permissions you have to that screen. You have either read-only or full-access. Attachments are also heavily used on that screen, but I am not sure how to handle their permissions.
Is it possible to set Attachments to read-only behavior?
Maybe I wasnt clear enough.
What I am talking about is that GUI in default supports the option to upload, view and delete Attachments to any entity row. It is accessible through “cog” menu and it is displayed on the place of the left sidebar menu.
Since attachment’s parent row can be handled with row level security rules and filters, this wont apply on Attachments and I didnt find any way how to enforce such rules.
Example:
Projects can be updated only by KAM or Project Manager. Regular user can only read (eg. view). But he can still delete or upload any Attachment he desires despite the fact he has read-only access.
There are currently no permission settings for attachments. Any user can handle attachments if he gets access to the related data.
Wouldn’t be good idea to implement such permission settings? Because right now it’s not really secure since read-only access on parent rows doesnt enforce read-only access on child attachment rows …
It would be a good idea of course 
Although none of our customers requested this yet. I cannot see that we would include this in the current version we are developing as we are doing quite some deep changes to all our code now. So sometimes next year. Or you can touch the code by yourself?
Update: Since the latest version (2021.1) attachment UI is now modelled using ORIGAM model itself. So it is now possible to add security rules on the Attachment entity that would be interpreted correctly.
This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.