Configure permissions for roles
When setting up roles in Quickbase, you can set access rights to all aspects of your app. You can also control a user's experience within your app by configuring the user interface for a particular role.
When you configure roles, you set up both app-level permissions and table-specific permissions.
-
You set up app-level permissions to define a fundamental level of access to your app
-
You can then set up table-specific permissions if you want to implement more granular access to individual tables, records, and fields.
Tip: If you only want to set a role's table-specific record permissions and saved report permissions, you can also set these by selecting a table on the Table bar, clicking Settings, then clicking Access to get to the table-level permissions.
Setting up app-level permissions
Access role permission settings by going to the app Home page, clicking Settings on the Page bar, then clicking Roles. Click the role name to access role permission settings.
To grant additional permissions:
For each role, you can grant additional permissions by selecting the combination of the checkboxes in the App Access section on the Permissions tab.
The following table describes the different permission levels (roles) you can assign to users.
|
To set this permission level |
Select these checkboxes |
Description of role |
|---|---|---|
| None | Disable access to app for users with this role | No access to app. |
|
Basic |
None |
This is the default role. Choose this level for a role that will view and use your app but shouldn't access administrative controls. Users at this level won't see the Users button on the Table bar or be able to customize app structure. This option does not grant users the ability to customize the app or manage users. You can allow users with basic access to edit field properties. To grant this ability, turn on the Edit Field Properties checkbox for some or all tables. |
|
Basic, Sharing |
Manage users and share the app |
This option grants Basic Access permissions and adds the ability to add and invite other users to the app. Users in a role with Basic Access with Sharing permissions can also manage all users in an app. This option does not grant users the ability to customize the app. Note that when a user with this level of access shares an app, there is no option to grant or revoke Full Administration access for any user. |
| Admin | Edit app structure and permissions |
This grants Full Administration access without the ability to share apps. This is useful if you don't want your app builders to share apps with users, either because they're near their maximum number of users, or because you want to control who has access to which apps. |
|
Admin, Sharing |
|
This level grants access to all administrative controls required to customize app structure and access permissions, including sharing access. A person assigned to this role is usually the app manager but could also be someone a manager has asked to help out with administrative duties. When you give a role Full Administration access to an app, all users in that role can:
|
For any role, you can select the Disable access
to app for users with this role checkbox to prevent
users in the role from accessing your app.
Setting up table-specific permissions
Once you determined a role's basic access to the app, you can fine-tune access further by setting up permissions for each table in the app.
View, Modify, Add, and Delete permissions
For each table, you can define a role's ability to view, modify, add, or delete records.
-
Use the Add and Delete columns to specify whether a user in this role should be able to add or delete records in the table.
-
Use the dropdowns in the View and Modify columns to specify which records a user in this role should be able to see and/or change. For example, if you want to let the role see any record in the table, you'd click the View dropdown and select All Records. Your choices in both dropdowns include:
|
Selection |
Description |
|---|---|
|
All Records |
Grants view or modify rights to any record within the table. |
|
Group's Records |
Grants view or modify rights to only those records created by a user belonging to a group you can specify after you make this selection. (Read more.) |
|
Custom Rule |
This choice lets you set specific parameters for access. For example, you could let a user see only those records where their company appears within the Customer field. After you select this option, select the edit link that appears to the right of the field to configure your custom rule. |
|
None |
Grants no access to the table. (If you select None within the View dropdown, the Modify dropdown automatically defaults to None too.) |
|
When user is in 'list-user field' |
Grants view or modify rights only to those records in which the user is one of the members of a specific list-user field. |
|
When user is 'user field' |
Grants view or modify rights only to those records in which the user appears in a specific user field. |
|
When user is 'Record Owner' |
Lets users view or modify only those records they create. |
|
When user is 'Modified By' |
Grants view or modify rights only to the user who last modified the record. |
Permission to save common reports
Use the Save Common Reports column if you want users to be able to save reports that will appear to all users of your app. (When you turn this option off, users in the role can still create and display a report, and save it as a personal report for their own reference. Read more.)
Permission to edit field properties
Use the Edit Field Properties checkbox to grant a user in this role the ability to edit field properties within the corresponding table. Use this option when you want to grant field editing permissions to a user who has Basic Access or Basic Access with Sharing permissions. Users in a role with this option checked will be able to access field properties by right-clicking on a field name from within any report or form.
Note: Users who have Full Administration permissions for the app will be able to access field properties from the Settings page regardless of whether this option is selected.
Keep in mind that users who can access field properties also have the ability to take these actions:
-
Change the layout of the form, by adding or removing fields from the form, creating new tabs and sections, etc.
-
Change the behavior of the form by adding, updating, or removing dynamic form rules
-
Add new fields to the table
-
Delete fields from the table
Be aware that this checkbox grants access to field properties, which is usually only accessible to admins. As a result, it gives users admin abilities on the table level and should be used cautiously.
Granting custom access to specific fields
Use the dropdown in the Fields column to grant field access to users in the role.
|
Selection |
Description |
|---|---|
|
Full Access |
Grants users in this role full access to all fields in the table. |
|
No Access |
Forbids users in this role access to all fields in the table. If you have a table in your app with no fields defined, this selection will be the default for that table. |
|
Custom Access |
Grants access to only selected fields in the table, or excludes fields from view. Quickbase displays the table's fields in the Custom Field Access dialog, which is used to set up restricted fields. |
Tip: You can also set the access permissions for a field from within that field's properties page. Field access controls appear within Permissions section, when you turn on the Restrict Permissions by role checkbox.
To set permissions for roles:
-
Within the Roles page, click the Permissions tab.
-
Specify app-level access for the role.
-
Set permissions for each table in your app.
