Permissions in the iSheets module

By default, all active iSheets in a site may be viewed by all users of the site. Permissions must be enabled on an iSheet to restrict certain groups of users from accessing the iSheet, its views or columns.

Check and edit permissions

To check the permission status of an iSheet, or to enable permissions, navigate to the
iSheet
admin page on the site (
Admin
>
Module settings
>
iSheets
) and select
More actions
for the iSheet. Select
Manage permissions
:
By default,
Enable permissions
is not checked, meaning all users with access to the site can access the iSheet.
Check the box to
Enable permissions
. Once selected, a Site admin can restrict which groups can access the iSheet and configure exactly what type of access each group has to iSheet items.
When
Enable permissions
is selected, a table like the one displayed above displays, with a row for each group on the site. By default, access will be fully disabled for each group.
Since
Use groups for permissioning
is typically enabled, the following instructions will assume that groups are used for permissioning. Similar permission rules would apply for user-based permissioning, with organisations (org) used in place of groups.

iSheet permission levels

iSheet level permissions are divided into two categories:
View
and
Edit
.
View
allows a user in a group to view (and search for) iSheet items.
Edit
allows a user in a group to add, edit and delete iSheet items. A user with edit rights to an iSheet item may also review its version history and compare versions. See Item versions for more information.
Both
Edit
and View have a specific subset of permissions that can be enabled as needed for your use case.
View permissions
  • Own
    - Users can only view items created by themselves.
  • This group
    - Users can view any items created by themselves or other users in the same group. (If
    This group
    is selected,
    Own
    is automatically selected.)
  • All
    - Users in the group may view all iSheet items, regardless of who created them. (If
    All
    is selected, both
    Own
    and
    This group
    are automatically selected.).
Edit permissions
  • Own
    - Users can add items and only edit and delete items they created.
  • This group
    - Users can add items, and edit and delete items created by themselves or other users in the same group. (If This group is selected, Own is automatically selected.
  • All
    - Users can add items, and edit and delete all iSheet items regardless of who created them. (If All is selected, both Own and This group are automatically selected.).
Enabling any
Edit
level permission for a user or group will also select the corresponding permission under
View
.
If a user is a member of multiple groups with different permissions applied, that user will have view and edit access to items based on the permissions of all their groups combined.
Consider the following example:
  • 'Client 1' has
    Edit Own
    rights, and as such also
    View Own
    access. Users in the group can add items and only view and edit their own items.
  • Both 'Client 2' and 'Client 3' have
    View This group
    and
    Edit Own
    rights to their respective groups. They can add items, view, edit and delete their own items, and can view, but not edit, items created by other members of their group.
  • 'Client 4' and 'Client 5' have
    View This group
    and
    Edit This group
    rights for their respective groups. They can add items, and view, edit and delete items created by themselves and other members of their group.
  • 'Internal Users' has
    Edit All
    rights, and therefore users in the group have access to view, edit and delete all items in the iSheet.
The group a user belongs to determines which subset of items is available for viewing and editing.
Users who are only members of 'Client 1' can only access items they created. There could be 50 users in 'Client 1' contributing multiple items to the iSheet, but each user would only see their own contributions when viewing the iSheet.
Members of the 'Internal Users' group would see all entries from all users. The permissions set-up for 'Client 1' and 'Internal Users' in particular can be useful for iSheets collecting questionnaire responses that need to remain private to the contributor ('Client 1' users), but compiled and collected for the reviewers ('Internal Users').

Related content