User permissions 🔐 #209
Replies: 11 comments 12 replies
-
Just for some community feedback, this is a blocker for us. We must be able to support permissions to be able to migrate to twenty. See #501 (comment) for a related comment of mine. |
Beta Was this translation helpful? Give feedback.
-
Thanks @skamensky - that's a big lift so not coming soon unfortunately. But definitely on the roadmap and will get done |
Beta Was this translation helpful? Give feedback.
-
Understood, @FelixMalfait . Thanks for the reply. In terms of permit-io, I just browsed their code and site and it looks like they don't support permissioning at the query level yet, which would make larger filtering either inefficient or insecure. |
Beta Was this translation helpful? Give feedback.
-
Any updates? Still blocker to implement this for real clients |
Beta Was this translation helpful? Give feedback.
-
Looks like they're trying to hire someone to do this right now! Just posted today. |
Beta Was this translation helpful? Give feedback.
-
Hi all, this is also a blocker for us to move to Twenty. Is it possible to bump this priority up? |
Beta Was this translation helpful? Give feedback.
-
+1 ... I can use Twenty for organizing personal contacts but without solid permission control (and ability to hide some records from some users, like "hide all records with tag of finance") then we can't use for collaboration or team. This feature feels, to me, like core to CRM and more important than automated Workflows given it seems clear this is a blocker for many with being able to use the CRM with their team? (Automatted workflow beta is amazing but just feel like in hierarchy of adoption, this one is more important.) My only thought for achieving is multiple workspaces with the thought that these workspaces could be merged if/when this feature ships but not sure that is possible. |
Beta Was this translation helpful? Give feedback.
-
V1 of permissions is now in production, it's very basic for now but followups will come in April/May to bring role creation, object-level/field-level permissions. |
Beta Was this translation helpful? Give feedback.
-
Hello any update about role creation, object-level/field-level permissions? |
Beta Was this translation helpful? Give feedback.
-
Closing as object level is now complete and rolled-out. Field level permissions coming soon (should be end of July). Row-level not planned for this year. |
Beta Was this translation helpful? Give feedback.
-
@FelixMalfait ... congrats on getting first part out. I was hoping to move to Twenty but we just have one big DB at our current CRM and many of us have people and companies in us that are personal/only matter to us and need to be able to hide those. I am assuming that the news that row-level isn't schedule for this year means that won't be possible for hide a company, or group of companies tagged with X, for at least 2025? Or maybe I am overlooking. I have Twenty installed an am playing with it ... may try to keep using it as a personal CRM but if I can't hide companies or people based on rules, won't be able to migrate the team to it. Keep up the good work! |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Currently, all users on a workspace have the same rights to create, edit, view and delete records.
In the future we want to provide a more granular role/permission system that lets an admin control who can edit workspace settings, but also setting object-level permissionning.
Example implementation on Hasura: https://hasura.io/docs/latest/auth/authorization/permissions/common-roles-auth-examples/
Other example: https://www.producthunt.com/posts/permit-io
Implementation
permissionSet
within the metadata schema:nameSingular
,labelSingular
,isCustom
,isAdmin
permissionSetAssignment
withuserWorkspaceId
andpermissionSetId
objectPermissions
withpermissionSetId
,objectMetadataId
,canRead
,canCreate
,canEdit
,canDelete
Later we will create
fieldPermissions
and replaceisAdmin
by a more granular table with individual permissions.Update
Note
We began developing permissions. ETA end of Q1.
twentyhq/core-team-issues#12
Beta Was this translation helpful? Give feedback.
All reactions