Context
It has come to our attention recently that the logic currently followed by iSheet permissions is somewhat counter-intuitive with regards to users' ability to delete iSheet records despite not having permission to edit some columns contained within that record.
It does not make logical sense that a user group which has been restricted from editing certain values in an iSheet record should have permission to effectively delete those values, alongside everything else in the record; this contradicts the logic behind removing their permission to edit those certain values.
It is currently true that a user with no edit permissions on any columns does not have the ability to delete records, but changing just one column permission to edit will allow this to happen.
Proposal
We propose a solution whereby the delete permission is isolated, in a similar fashion to the files module permission setup, such that specific user groups can be granted explicit "Delete" permission for a given iSheet record.
Alternatively, or in addition to, perhaps a user group with "edit" permissions for all columns in an iSheet would be the only group/s assumed to be able to delete records; any groups without full "edit" permissions on all columns would be unable to delete records.
Top Comments