Page tree
Skip to end of metadata
Go to start of metadata

Table Permissions Wizard

The Table Permissions wizard enables you to configure the permissions for each table in a knowledgebase for a given group. The wizard is accessed from the Tables tab of the Group Permissions wizard by editing a table from the list. For more information on configuring table permissions for groups, see Set Group Table Permissions

Table permissions are saved individually, independent of changes made in the overall wizard.

General Tab

The General tab specifies high level security, such as whether members of the group can access the Setup wizards and whether the table will be displayed on the group's toolbar, or left pane.

Table access controls aspects such as creating a record via a Custom Hotlink, viewing a table's Reports, and selecting information from a Linked Field. In most cases, it's usually not necessary to remove table access. If you don't want users to use the table outside of the previous scenarios, you can effectively limit their access by removing the table from their toolbar by selecting No from the Show Toolbar option.

If the table has subtables, an additional option controls whether to apply the changes to the subtables.

Table Permissions and Security

Security is built into the core of the system and enforced consistently. Users who do not have access to a table cannot see records and data from that table. This seems obvious, but it can have important implications for tables and permissions.

Example

Consider the Assigned Team field in the Service Requests table. This field is displayed as a drop-down list containing each team name, and it's linked to the Team Name field in the Teams table. Users will not be able to choose a team from the drop-down list or even view the list at all unless they belong to a group with access to the Teams table. That is, they must be granted access to the Teams table and have view permission to the table's records and the Team Name field.

However, if the Assigned Team field in the Service Requests table already has a value selected, the user will be able to see the value if they have view permission to that field, even if they don't have access to the Teams table. They just won’t be able to interact with the field by choosing a new value.

This is also an example of a situation when you might want to give a group access to a table but not show the table on the toolbar.

Menu Permissions Tab

The Menu Permissions tab specifies group permissions for menu items like views and saved searches.

For more information, see Set Menu Permissions

Record Permissions Tab

The Record Permissions tab specifies the group's record permissions for the table. These include creating, deleting, editing, viewing, mass editing, quick editing, and viewing FAQs for the records. For more information, see Set Record Permissions.

Setting record-level permissions with the Table Permissions Wizard is best suited for defining permissions that a particular group has for multiple tables. If you want to set record-level permissions that multiple groups have for a particular table, you can use the Table wizard to set which groups can view, edit, and delete records in that table.

  1. The table’s ownership settings are displayed at the top of the screen. For edit, delete, and view permissions, each permission is based on whether the group can act on records that they own, records that other people own, or both. You can change a table's ownership settings on the Permissions tab of the Table wizard.
  2. Permissions for editing, deleting, and viewing records can all be controlled with separate saved searches. To allow group members to interact with every record in the table for a given permission, select All.
  3. For a user to edit a record, they must first have view permission for that record. Even if the edit permission options are selected, users won't be able to edit records if they can't view them.
  4. The Edit other... permission is only available for Power User groups. End User groups can only edit their own records.
  5. Edit permissions have several additional options:
    1. Mass Edit... controls whether the group can edit multiple records at once.
    2. Quick Edit... sets whether the group can edit records directly from the table view.
    3. Link multiple records... controls a group's ability to link records together using the Actions > Link action on a table's action bar.
    4. Print records... determines whether a group can print selected records, either to a physical printer or PDF.
  6. View permissions also have a few additional options:

    1. Export multiple... controls whether a group can export records from the table.

    2. Show conversion button... determines whether a group sees the Convert button on the table's action bar.

    3. Allow interaction... defines whether a conversion action that is supposed to bring up the new record screen will actually do that. If the permission is not granted, and a user in this group runs a conversion action, it will just run in the background and create the record without showing it to the user. 

Record Permissions Summary

The options selected on the Record Permissions tab are displayed in Record Permissions column on the Tables tab of the Group Permissions wizardThe permissions are grouped into one line each and are separated by commas. For instance, View Own: All means that the All checkbox was selected. View Own: SS means that the Saved Search checkbox was selected.

If the permission has not been selected, it will not appear in the list. This allows you to scan the table view to see what permissions have been granted without having to read through all the permissions.

Field Permissions Tab

The Field Permissions tab allows you to set the group permissions for each field in a table, which are broken down by records that one owns and records that other people own. This enables you to set a very granular level of permission for the table for each group. For more information, see Set Field Permissions.

Setting field-level permissions with the Table Permissions Wizard is best suited for defining permissions that a particular group has for multiple fields. If you want to set field-level permissions that multiple groups have for a particular field, you can use the Table wizard to set how groups can interact with that field.

Related Tables and Field Permissions

Field permissions are especially important when using Related Tables. In many cases, you may want to prevent certain groups from adding or removing records from a Related Table. To do so, remove a group's Edit permissions for the fields in the linked set in the source table. This prevents the Lookup icon from working to link new records, and it automatically removes the Unlink button from the Related Table's action bar.

Example

Consider a Related Table of Support Cases contained in a Company record. To prevent a group from adding or removing records from the Related Table, remove the Edit permissions in the Support Cases table for all the fields included in the linked set to the Company table.

Another way to prevent users from unlinking records in a Related Table is to navigate to the Permissions tab of the Field wizard for the Related Table and deselect the option that allows users to unlink records.