Understand Permissions | Zoho Creator Help

Understand Permissions

​ What Does This Page Cover?

Learn how you can define unique permission sets such as Read, Write, or customized ones that decide on how different users can access the records.

Availability

  1. Permissions can be accessed in all plans of Creator. Addition of new permission sets is possible only in the paid plans.
  2. Only the super admin, admins, and developers can create and manage Permissions.

Overview

A permission set is a group of rules that govern the accessibility of the application's components for the user. This helps to run an organization with different departments taking care of different aspects of the business. For example, your business might involve collaborating with external vendors who might need access to your application's data. Giving them appropriate permissions to do so helps in creating a unified system where the necessary access of data is enabled. In this way, each section of people involved in the organization can have their own set of permissions relevant to their work.

Permissions in Creator

User Permissions encapsulates three triads that govern the accessibility of an application's components and the data stored in it. When you incorporate the potential of permissions, role hierarchy, and data sharing rules in an application, a standardized and controlled approach of data handling can be achieved.

In Creator, the Permissions feature gives you the ability to define various permission sets that help you establish granular control over who can view and manage the data contained in your application. While it can determine if a user can access a specific component of an application, it can also specifically define the different actions that they are allowed to perform within that component and its data.
There are three types of permission sets available:
  1. Read - Gives the user permission to view the data added by themselves (records) in the application.
  2. Write - Gives the user permission to edit data added by themselves (records) in the application.
  3. Custom permissions - Customized permissions which enables the user to perform actions such as accessing, viewing, editing, deleting, and much more.
Apart from this, a set of Field Permissions are also available which decides the read and edit access of each field present in your form.

See How It Works



Use Case

Say you've built an Order Management application for your organization. The distributers and suppliers connected with your organization want access to the records of the Add Distribution Areas form and the Add Supplier Details form respectively. Both these groups will need access only to the report relevant to them. Therefore:
  1. A permission set can be customized with View All access for the distributers to view all the records of the Add Distribution Areas form.
  2. Another permission set can be customized with View All access for the suppliers to view all the records of the Add Supplier Details form.

In the Edit mode of the application, Permissions is situated under the User Permissions section of the Settings page. By default, you land in the Permissions tab.

Sections in a Permission Set

There are two sections of permissions that need to be defined. They are:

1. API & Security Permission


The three types of API and security permissions are explained below:
Title
Description
API access
Lets you Enable or Disable the users with this permission set use APIs for data manipulation.
PII Data
Show - The PII-enabled fields' visibility is selected by default in Field Permissions . Edition of records can be further selected if required.
Hide - PII-enabled fields' visibility/edition cannot be chosen in Field Permissions . They will not show up in the form and the edition of this field's data is also not possible.
Show - The ePHI-enabled fields' visibility is selected by default in Field Permissions . Edition of records can be further selected according to your requirements.
Hide - The ePHI-enabled fields' visibility/edition cannot be chosen in Field Permissions . They will not show up in the form and the edition of this field's data is also not possible.
Note
  1. Field Permission can be accessed by clicking on More option found adjacent to each component.
  1. PII and ePHI can be enabled for a field by choosing the Contains personal data   and Contains health info option in the Field Properties pane of form builder respectively.

2. General Permissions

A permission set has two different categories:
  1. Module level: Enable or disable the access to application's components (forms, reports, and pages).
  2. Field level: Enable or disable permission to access/edit the fields in a record.
Sections
Actions in Permission Set
Description
Module Permissions
Access
Allow or restrict access to the chosen form/page.

View
Allow or restrict access to view records added by the user themselves in the chosen report.

Edit  
Allow or restrict access to edit records added by the user themselves in the chosen report.

Delete
Allow or restrict access to delete records added by the user themselves in the chosen report.

Permission actions under the More option


Import
Allow or restrict the import of records into a component for which this action is configured. They can be imported in the following formats:
Local storage - .xls, .xlsx, .xlsm, .csv, .tsv, .ods, .accdb, .mdb, .json, .numbers.
URL - .xls, .xlsx, .xlsm, .csv, .tsv, .ods, .accdb, .mdb, .json, .numbers.
Cloud service - .xls, .xlsx, .xlsm, .csv, .tsv, .ods, .json, .numbers.
Paste Data - .csv, .tsv.

Export/Print

Allow or restrict the export/print records from the component for which this action is configured. The data can be exported in the formats .xls, .pdf, .html, .xml, .json, .csv, .tsv.

View all
Allow or restrict access to view all the available records in the chosen report.

Modify all
Allow or restrict access to modify all available records in the chosen report.

Create new report
Allow or restrict access to create new reports with each form in the live mode of the application. Learn more
Note : The reports that were created by a user holding the Create new report permission will be visible to all users even after the permission is revoked.


Read comments
Allow or restrict reading comments. If allowed, the user can read comments added by other users in a report. You cannot reply to the comments or mentions when this permission is given.

Write comments
Allow or restrict writing comments mentioning users in the application. If allowed, the user can add comments in a report. You can reply to comments and mention other users by @tagging them. Notifications are sent when someone mentions you in the record comments.
Field Permissions
Visibility
Allow or restrict access to view the chosen field's records.

Read Only
Restrict or allow the edition of the chosen field's records.

Achieving Granular Access Control Using User Permissions

Any organization will want authority over how their data is circulated within their organization. When a systemized structure which decides how and who can access an application's data comes into place, both the management of data and its security is ensured. Using the combined power of permissions, role hierarchy, and data sharing rules helps you achieve this.

Each of the above features allows you to create a different type of exclusive access for users, to the data of an application. They work in different ways to achieve the intricate control of data that an organization needs.

Permissions vs Role Hierarchy
This table explains which records a user can access when they are assigned with the permissions listed below.

Permission Set Actions
Role hierarchy Disabled
Role hierarchy Enabled
View
Records added by them.
Records added by them.
Edit
  1. Records added by them.
  2. Records added by their subordinates.
  1. Records added by them.
  2. Records added by their subordinates.
View All
All records.
All records.
Modify All
All records.
All records.

Data Sharing vs Permissions
Data sharing rules allow the records of a report to be shared from one user/role to another. However, the shared data will be accessible by the receiver only if they have the permission to access that report.

Data Sharing vs Role Hierarchy
Data sharing rules overrule role hierarchy and allow users/roles to access shared data.

Usecase : Say you add a user, Teresa, to an application. You assign her a role and a permission set while adding her to the application. A few scenarios are explained below to bring more clarity on how you can use User Permissions to define which records she can access.
  1. Scenario 1 - To let her access and delete only the records added by herself in a report, you assign her with a permission set that allows View, Edit, and Delete actions.
  2. Scenario 2 - To let her access both, her records and the records of her subordinates, you enable role hierarchy.
  3. Scenario 3 - To customize the sharing of records from a role/user to her (when she does not have access by default), you define a data sharing rule.
  4. Scenario 4 - To let her view all the records of a report regardless of who added it, you assign her with a permission set that allows View All /Modify All  actions.

Points to Note

  1. While adding a user to an application, they need to be assigned with a permission set created from the Permissions page.
  2. Admins cannot be assigned with permission sets but can view all the data in an application.
  3. Developers cannot be assigned with permission sets. When environments is:
    1. Disabled - They have access to all the data of the application.
    2. Enabled - The option to let them access and publish to Development and Stage can be chosen while adding them. They will not have access to the Production environment and therefore to the data of the application.
  4. When Create new report action is disabled in a permission set for a user, they will continue to have access to the reports previously created by them.
  5. When environments is enabled, the configured permission sets will reflect on the users in the live mode only when the application is pushed to the Production environment.

Limitations

  1. The number of permission sets that can be added to an application depends on your Creator plan. See our pricing page.
  1. Create and Manage Permissions
  2. Understand User Permissions
  3. Understand Roles and Role Hierarchy
  4. Understand Data Sharing
  5. Understand Users

    Access your files securely from anywhere

      Zoho CRM Training Programs

      Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.

      Zoho CRM Training
        Redefine the way you work
        with Zoho Workplace

          Zoho DataPrep Personalized Demo

          If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.

          Zoho CRM Training

            Create, share, and deliver

            beautiful slides from anywhere.

            Get Started Now


              Zoho Sign now offers specialized one-on-one training for both administrators and developers.

              BOOK A SESSION









                                            You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.




                                                Manage your brands on social media

                                                  Zoho Desk Resources

                                                  • Desk Community Learning Series


                                                  • Digest


                                                  • Functions


                                                  • Meetups


                                                  • Kbase


                                                  • Resources


                                                  • Glossary


                                                  • Desk Marketplace


                                                  • MVP Corner


                                                  • Word of the Day


                                                    Zoho Marketing Automation

                                                      Zoho Sheet Resources

                                                       

                                                          Zoho Forms Resources


                                                            Secure your business
                                                            communication with Zoho Mail


                                                            Mail on the move with
                                                            Zoho Mail mobile application

                                                              Stay on top of your schedule
                                                              at all times


                                                              Carry your calendar with you
                                                              Anytime, anywhere




                                                                    Zoho Sign Resources

                                                                      Sign, Paperless!

                                                                      Sign and send business documents on the go!

                                                                      Get Started Now




                                                                              Zoho TeamInbox Resources



                                                                                      Zoho DataPrep Resources



                                                                                        Zoho DataPrep Demo

                                                                                        Get a personalized demo or POC

                                                                                        REGISTER NOW


                                                                                          Design. Discuss. Deliver.

                                                                                          Create visually engaging stories with Zoho Show.

                                                                                          Get Started Now









                                                                                                              • Related Articles

                                                                                                              • Understand User Permissions

                                                                                                                What Does This Page Cover? Learn about how different users can access a report's data and how the sharing of this data with fellow users can be enabled. Availability User Permissions can be accessed in all plans of Creator. Only the super admin, ...
                                                                                                              • Understand portal

                                                                                                                This help page is for users in Creator 6. If you are in the older version (Creator 5), click here. Know your Creator version. A Portal is a great way for an organization to allow its external users to log in to their dedicated internal system and ...
                                                                                                              • Create and Manage Permissions

                                                                                                                What Does This Page Cover? Learn to create permission sets that determine the actions a user can perform when they have access to the data of an application. Availability Permissions is accessible in all plans of Creator. Addition of new permission ...
                                                                                                              • Understand application settings

                                                                                                                This help page is for users in Creator 6. If you are in the older version (Creator 5), click here. Know your Creator version. The Settings section allows you to make application level configurations. You can view and change information about and ...
                                                                                                              • Understand Data Sharing

                                                                                                                What Does This Page Cover? Learn how the flow of data can be facilitated from between users/roles. Availability Data Sharing is accessible in all plans of Creator. Only the super admin, admins, and developers can create and manage Data Sharing. ...
                                                                                                                Wherever you are is as good as
                                                                                                                your workplace

                                                                                                                  Resources

                                                                                                                  Videos

                                                                                                                  Watch comprehensive videos on features and other important topics that will help you master Zoho CRM.



                                                                                                                  eBooks

                                                                                                                  Download free eBooks and access a range of topics to get deeper insight on successfully using Zoho CRM.



                                                                                                                  Webinars

                                                                                                                  Sign up for our webinars and learn the Zoho CRM basics, from customization to sales force automation and more.



                                                                                                                  CRM Tips

                                                                                                                  Make the most of Zoho CRM with these useful tips.



                                                                                                                    Zoho Show Resources