Currently, it’s really hard for me as an admin to see what entities and documents my team members can access and which they cannot.
We’re a small team of 10ish folks, but have a large amount of spaces with all kinds of overlapping venn-diagram-esque access rights. Again and again I realise that folks don’t see things that they should or see things they shouldn’t (less so, as I’m restrictive by default).
Being able as an admin to view as another user would allow me to ensure that people see the right things.
It would be amazing to add the ability to View As Workspace “Specific User” so that admins can evaluate the results of applied permission settings. Currently, we have to apply settings to a test account and log in as them manually or log in as the specific user in a separate browser/incognito.
+1 I used to have that feature when I was administering Salesforce.com. 100% this is very useful especially as you scale, easy check that permissions are done right, and access is sufficient before you give a green light to the user to start using the system.
Just note that things might get complex when “Hide data from admin” is implemented. Would the admin see the user’s data when logged in as the user? In which case the data isn’t really hidden from the admin. @myg_ge Do you know how it was in salesforce? Could users have data that admins didn’t have access to?
Emm, good question, @RonMakesSystems. But I don’t think it is a technical question. But more like a general business question. In all businesses I ever worked for I signed an NDA or there were some sort of contract conditions with similar points about treatment of business data/knowledge, etc. I don’t remember me not being able to see someone’s “personal” information. And it was long before GDPR and stuff like that. I suspect there might be no problem to hide sensitive data like emails, phones as soon as they are defined as related field types. What’s your view on this?
I would like the option as a Admin to “Assume Identity” so that I can see what the person I assume the Identity of sees. This would be helpful when setting up the new Fibery Infrastructure. It would be helpful for end user troubleshooting to see what is wrong without having to screenshare, walk to them, or get vague answers from them when they don’t understand what is going on. This would also be useful for setting up new users so we can automatically save certain views to their personal tab. I saw on some old post that the workaround for this is to see what permissions each person has. However, it doesn’t help me that much because I would have to memorize each entity and pretend I know what they can see instead of just physically seeing it and making changes to their live view/account.
My use case was mainly about being able to see the main navigation and what is visible. As Admin, I would have been OK to not see the things hidden from me.
I suspect there might be no problem to hide sensitive data like emails, phones as soon as they are defined as related field types. What’s your view on this?