A person in Team A should be able to create and edit certain records related to Team A’s projects but should not be able to view Team B’s records. So access template capabilities should extend to creating new records.
For example, three common team roles that require Create Permission without full Space Access:
- Team managers to create tasks for their team, but not see tasks of other teams,
- Financial officers to create their team’s financial records, not see records of other teams,
- HR personnel to handle sensitive employee data specific to their team, not of other teams.
Creation rights ensure fused workflow, enhances data privacy, and complies with role-based access control (RBAC) principles, thereby increasing productivity and maintaining strict information security, which helps align with data protection laws like GDPR, HIPAA, and others.
The absence of this in Fibery currently forces a team to have:
- Its own isolated Space
- Its own set of duplicated databases like projects, tasks, financial data, user data,
effectively requiring duplication of structures across the organization, which becomes overly complex and in reality not an option for production organizations.
See also: Exploring private data management in Fibery - #10 by Yuri_BC