grist-core icon indicating copy to clipboard operation
grist-core copied to clipboard

Published 20 hours ago verified publisher icon gristlabs

Columns protected by access rules can be deleted by any user.

Open S7venLights opened this issue 4 months ago • 3 comments

Current behavior

I have a crowd sourced table and one of the columns needs to be read only, which I managed to set-up fine. The issue is, while public contributors can't delete the contents of the cells in that column, they can still delete the whole column and there doesn't appear to be a way to prevent that.

I need the protected column to be safe from deletion as it contains moderator verified links. Additionally, if a public user deletes the column, they can't undo that action. Here is the spreadsheet I'm working in.

Steps to reproduce

  1. Setup access rules for a column as follows: Screenshot_20241016_134325

  2. Using the following public access link: Screenshot_20241016_142644 Open the link in a separate browser and click the following button to delete a protected column Screenshot_20241016_142857

  3. after doing so, the document undo button will not work

Describe the expected behavior

I expected that denying edit permission would naturally also deny deletion.

However this option can be added. In the access rules there is only a RU (Read | Update) option for a column. If there was also a Delete permission that would be intuitive.

Also I have an idea to make column access rules UI&UX much easier. For logged in Owners, there could be toggles for these permissions right in the column settings sidebar: Screenshot_20241016_143832

Where have you encountered this bug?

S7venLights avatar Oct 16 '24 12:10 S7venLights