Three approaches to record access restriction

Using an online database, you definitely need to make some data accessible for certain users only while keeping it restricted for others. TeamDesk keeps you in control, providing a powerful role-based access mechanism. Roles allow controlling what data users have an access to and which actions they can perform against the database. In this post we describe three main approaches you can utilize for record access adjustment.

1. Simple Access

If a default table record access is not altered, the system allows any record to be added, viewed, modified or deleted by a user. Should any of these actions be restricted, the system provides an easy way to do so on an individual basis. User roles in the database may be configured to precisely control users’ access to any part of the database and to restrict their rights to perform any type of action. You can quickly change any table records access settings and specify either “Allow All” or “None” option for the correspondent column.


Please note that if “None” option is selected for the “Allow View” action then all other actions become inaccessible. Naturally, a user won’t be able to modify, add or delete records that are invisible to him/her.

When “Own Record option” is selected, the system will only allow accessing (viewing or editing) those records where a user is specified as a record owner.

2. Using formulas for record access restriction

If a more precise access level adjustment is needed, it can be achieved by adding formulas. A formula can comprise a range of conditions defining the user access. For example, there is a table keeping Comments in your database. Each comment record comprises the Status field with “Private” or “Public” choices. Let’s assume that there are two roles, called “Team Member” and “Partner”. For instance, Team Member should be able to view all the comments, while Partners should only view comments with “Public status”. In this case you should select the Custom Rule option in the record access settings and use the following formula [Status]=“Public” for the Partner role.


You may automate formula generation using the Filter option in the View. At first, create a View, activate the “Only records that meet certain criteria” option in the Filter section, indicate necessary criteria and then save this view. Reopen it in the Setup mode and activate the “Custom formula” field. A formula reflecting your criteria will be automatically generated. Simply copy this formula and paste it into the Custom Rule.

3. Record access and user property table

If you need to keep some additional information about users (such as salary or a department name), it is handier to keep this data in the special User Property Table . As a result, you’ll be able to easily extract “salary” or “department” data for any particular user. The “User Property” table is particularly useful when you need to define access rights, such as “Allow view records related to the people from my department”. For example, all sales managers are database users and their profiles are kept in the “User Property” table, where a Department name is assigned to each sales manager. In a separate table, called “Sales”, the “department” value is specified for each record. This allows you to quickly restrict “Sales” table records access for any users besides sales managers. For instance, you would need to allow a “view” access to records related to the people from the department assigned in the “User Property” Table. To adjust their access accordingly, select the “Custom Rule” option and match the “Department” column from the Sales table with the “Department” column kept in the “User Property” Table. The formula would be the following: [Department]=User[Department] . Please note that the “Department” column which is stored in the “User Property” table goes with “User” prefix.


Any of the above mentioned access restrictions can be applied to any table. Should you need any help with the records access adjustment, TeamDesk support team is always ready to assist.

Tweet about this on TwitterShare on Facebook0Share on Google+0