May 31, 2021

Updated permission system

May 31, 2021

We reworked our permission system from the ground up to simplify the process of adding teammates, and to increase flexibility out of the box.

Our old permission system relied on defining read/write permissions upfront at the table level. This allowed for fine-grained permissioning, but required a huge time commitment to set up, and was hard to keep up-to-date as needs (and schemas) changes.

Our new system works off the existing power of views. We now have 3 roles:

  1. Admin. Has full access to data sources (including raw tables), and can create + publish views for others to use.

  2. Collaborator. Only has access to existing views which were created by admins.

  3. Read-only. Can only read data in existing views, but not make edits.

These new roles are specifically tuned towards the ability to craft views with limited access through filters and hidden attributes, ensuring that your teammates have access to the data they need, and nothing more. Collaborators still have the ability to search within views, and we're planning ways for them to organize data in new ways.

On top of these three roles, we also have the concept of Owners. Each workspace has at least one owner who, on top of their role permissions, gains access to billing and top-level settings like renaming the workspace. Right now, the creator of the workspace is designated owner, but we plan to let you transfer ownership and add new owners in the future.

Finally, the new Read-only role is free, so you can add as many teammates/investors/users as you'd like without affecting your billing.

Other improvements and fixes

  • Added the ability to filter on JSON columns

  • Fixed query results missing the final record on each page

  • Fixed number of collaborators being miscalculated by one