Sharing Not Working (can only show all or none)

The Space I’m working on at the moment is OKRs, which obviously has some sensitive data, but we have lower-level team members allocated to some KRs in their sections so they need to see those and nothing else, whereas Partners need to be able to see everything.

I have on the automatically share entities with assigned users, but they can’t see them unless I share the space, but if I share the space they can see everything (View is the lowest permission). How do I only let them see the things they’re assigned to?

Work around at the moment is to create different views for different access levels, but then I need to put them in different Spaces because I can’t see a way to hide views at all, let alone by Access Level, and it gets confusing because there’ll be a lot of spaces already.

This is not correct. They do have access to the entities they are assigned to, but will not necessarily have access to the views in the space, which kinda means they might not find it easy to navigate to the entities that they are assigned to.

You might consider creating a ‘smart section’ for the OKRs, so each person will see their assigned ones in the left menu.

Or users can navigate to the OKRs they are assigned to via their User entity view.

Oh I see, so if I create a Space and move my Views to that one, they’ll be able to see everything they’re Assigned to within that Space. I got halfway there just now playing around, because I made two Spaces, with one as the Access Level, and the other to hold the ‘backend’ databases, so it makes sense! If I add top-level databases I want all users in the Access Level of the Space to see, then build out the Permissions from that database downwards I think it should work.

Thanks for helping me figure things out as always!

There’s some interesting discussions around permissions here in the community, so you might like to check some of them out. This might be a useful post for anyone reading this thread.

For the time being, it’s not possible to grant access to views (which are the usual entry point for users to see the entities that have been shared with them) without also granting access to the databases in the space where the views live.
So using two spaces (one for the data and one for the views) is a common workaround.
Alternatively, using smart sections can be a great way for users with no space-level access to be able to navigate to entities that they have been granted access to.

1 Like

I didn’t realize that smart sections still appeared without users being a member of its parent space! That’s good to know! I was using a sidebar hierarchy rule to hide the space by default. Now I can move that smart folder somewhere else and just delete the former space (which I was only using as a placeholder for the smart folder)!

1 Like

This video helped me a lot to implement this structure: