Column permissions
You may wish to limit access to particular columns in an iSheet for certain user groups. Custom permissions may be configured for columns if permissions are enabled on the iSheet to which they belong. Once permissions are enabled and configured on the iSheet (see iSheet permissions), permissions may be configured on columns in the iSheet admin page: select
Admin
> Module settings
> iSheets
, then More actions
> Manage columns
.Edit permissions on a column by clicking
More actions
and selecting Edit permissions
:
By default, every column inherits the permission settings of the iSheet to which it belongs and has
Inherit iSheet permission
enabled.
To set custom permissions for the column, disable
Inherit iSheet permission
by unticking the checkbox. A table of groups with their View and Edit permission level settings. 
You may apply custom permissions for each group by unticking the appropriate checkboxes for
View
and Edit
. Select Save
to save the permission changes.note
A group cannot be granted more access to a column than the access permissions applied for the group on the iSheet itself. In the example above, neither 'Client 2' or 'Client 3' have edit permissions to the iSheet, and therefore cannot be granted edit rights to the column. Another group, 'Client 5', has no access to the iSheet and as such does not appear in the permissions matrix for this column at all.
Column view and edit permissions
At the column level, permissions are limited to
View
and Edit
. Edit
rights grant users in a group access to both view and modify the value of the column, whereas View
rights limit a user to viewing the column value. If neither View
nor Edit
rights are granted to a group of users, the column will not be visible to the user at all in any iSheet table views or item windows.
In the example above, custom permissions are set on the 'Expiration Date' column.
- 'Client 1' is a group that hasEditrights to the iSheet, but onlyViewrights to this column.
- Therefore users in the 'Client 1' group can create new items in the iSheet but cannot set the value of the 'Expiration Date' column.
note
In such cases, it may be helpful to set a default value for the column.
- Even though 'Expiration Date' is a mandatory column, users in the 'Client 1' group are exempted from this requirement as they do not have permissions to set the value for the column.
- In theAdd itemwindow, users in groups who have access to add and edit items but only view access to a particular column, such as 'Client 1' users, will see that column name ('Expiration Date'), but not the entry form field:
- Similarly, in theEdit itemwindow, the column name ('Expiration Date') appears along with any value entered by a user with permissions to edit the column. However, the user in 'Client 1' cannot modify the value. If the column value were blank, only the name of the column would appear.
- In the column permission example above, members of 'Client 3' and 'Client 4' have no access to view the 'Expiration Date' column.
Restricting view access to a column means that the column will not appear for that group in any of the following:
- Any view of the iSheet, even if the view includes the column and the group has access to the view.
- The iSheet add, edit and view windows.
- The iSheet search form.
note
A column cannot be searched by any group that does not have at least view access to the column.
Column permission inheritance
You may need to consider how modifying permissions at the iSheet level can impact columns with custom permission settings. For example, if access to the iSheet were removed entirely for the 'Client 1' group, users in that group would no longer have access to the column, despite any column permissions granted previously when inheritance was 'broken' and custom permissions applied.
Alternatively, if 'Client 1' had no access permissions to the iSheet (or the group did not exist when the iSheet was created), but was subsequently granted full access view and edit permissions to the iSheet, 'Client 1' would not automatically be given any rights to a column that had custom permissions (broken inheritance). Permissions on such columns would need to be manually configured as required.
note
Re-enabling
Inherit iSheet permission
will revert the column permissions to match the permissions of the iSheet.Conditionality and column permissions
Restricting access to a group on one column and adding a condition to a second column based on the value of the first column will not limit that group's access to the second column.
For example, certain groups cannot view the 'Country' column, and the 'US State' column has a condition to display only if 'Country' equals 'United States'. The 'US State' column has no permission restrictions configured, so all groups have access to and can search on the 'US State' column.
Related Content
-
Create iSheet columns
Format:
Article,
1 min read