Sharing, Permissions & Security 3.0
Daniel Urbano
GENERAL IMPROVEMENT AREAS:
- API Permissions
- Granular Permissions: Location levels, Permissions manager.
- Dashboards Permissions
- Team's permissions
- Settings Permissions: Billing, manage Apps
________________________________________________________________________________
Extra Permissions to be added (individually):
- Edit Space/Folder/List name & color
- Edit list assignee (All my locations or only if I'm Assigned)
- Edit list description (All my locations or only if I'm Assigned)
- Billing
- Manage Apps (All or only my locations)
- Dashboard permissions (All or only my locations)
- Team's permissions (All or only my locations)
- Edit custom fields (All or only my locations)
- Edit Assignees (All my locations or only if I'm Assigned)
- Edit Dates
- Edit Priorities
- Edit filters
- Edit Status (All my locations or only if I'm Assigned)
- Edit templates (All or only created by me)
- Edit tags
- Edit Name/description
- Edit Sharing
- Edit preview image
- Delete templates (All or only created by me)
- Archive Space/folder/list/task
- Restore archive
- Delete archive
____________________________________________________________
More Granular permissions (At settings and locations):
Create tasks (items)
Edit tasks (items)
Edit status
Edit tags
Edit dates
Edit Priority
Edit assignee(s)
Edit Custom fields
Edit Dropdown custom field 1
Edit Dropdown custom field 2
Edit people custom field 1
Edit email custom field 1
....
Delete tasks (items)
Remove tags
Remove dates
Remove Priority
Remove assignee(s)
Clear Custom fields
Clear Dropdown custom field 1
Clear Dropdown custom field 2
Clear people custom field 1
Clear email custom field 1
....
Edit settings:
Create
Create views
Create custom fields
Edit
Edit views
Edit custom fields
Edit filters
Edit location name
_____________________________________________________________
Details over Permissions improvements areas:
- API Permissions: Right now, the API is blocking us from executing any script if the location is somehow private. We would like the API to go over permissions, as it's supposed to be working as a super-admin user or is just a rule established regardless of any other permission.
- Location Settings: Permissions at location level. It needs to be more granular. Manage Apps at location level. Manage Teams at location level.
- Permissions Manager: Expand Permissions to see every permission at every location based on roles and people. By default, inherit upper-level permissions into lower levels.
- Dashboard permissions: Add a permission setting for creating, editing a seeing data of that specific location in dashboards. For example: If I'm at Space "XYZ" level and go to settings and want to have a toggle for "Can create dashboards with this location data", another for " Edit dashboards with this location data" and a toggle with "See/access data from this location in dashboards".
- Billing permissions: Allow only selected Admins to access Billing Section
- Manage Apps: Allow users (based on roles) to manage ClickApps at specific spaces only (Location settings).
- Save permissions templates: Save and later apply defined permissions for any role, user, team at any location where it applies.
_____________________________________________
Status Workflow:
- Rules and permissions for Status changes and approvals. Based on roles and locations.
- Statuses Manager: Show where different statuses are applied.
Log In
Matt Jefferson
Rebalance some of the security features so they are available on the business tier. A business user should be able to lock down to only internal users or set permission at the space level. Also, a little more granular permissions on lists and folders (etc.), we spend a lot of time fixing mistakes for users that our over permissioned because of the current limits.
Luci N.
Merged in a post:
Roles and permissions 3.0
We need a fully redesign for roles and permissions (at least at enterprise level).
Should be able to decide between giving a permission for more specific stuff (like lists, folders, fields, custom fields, etc).
Adding more options for each role also is necessary. The options right now are very limited in every way.
There should a hub for roles and permissions like there's is for other things in 3.0, like the custom field manager, docs or dashboards hubs (coming soon), etc.
For example: right now I can give access to a list to any user with the "edit" permission, but that let them change settings of the list. I just want them to be able to edit things in the tasks, not the settings. That's way there should an "advanced" option by each permission, where you can turn on and off many other things, or just have the option to select "custom" permissions as it is with roles.
Another example are regular fields and custom fields. I should be able to change settings for each field in each list/folder/space, like: who can see it (roles, specific people, teams), who can edit.
I might come back to this post to add new stuff...
M
Mitch Webster
Agree. Need time entries for users with comment only permission.
I.e. be able to complete a task and capture all the info required but not be able to add or delete tasks or lists.
Ryan MacAlmon
could this idea be combined with this one?
Daniel Urbano you submitted this one as well
Daniel Urbano
Ryan MacAlmon Agree
Ryan MacAlmon
I would like to be able to create roles that allow users to create folders, and lists.
Permissions of what the user can do should first be at the Role level, then they can me managed at the entity level.
I think visiblity should stay at the entity level
Louise Ewing
Hi Daniel
Thank you so much for taking the time to share such detailed feedback with us! It is very much appreciated and we will review and digest it as a team.
Thanks so much!
Louise
Christopher Day
Hey Louise, just following on from this: may you please also provide a better solution for custom field sharing on tasks in multiple lists. Previously if a task lived in multiple locations only the custom fields of each list were seen. Now it seems that all custom fields across both lists are visible. This makes it complicated to hide certain sensitive information from people on a task they are working on, for example.
Daniel Urbano
Hi Louise,
This was previously shared with: Anthony Creek, Frances Chase-Dunn, Alex Chandler, and some other people in ClickUp.
(about 2 months ago - September 20th)
I believe that they already had a conversation about this, so it would probably make sense to bring it back to them and share thoughts.
I just added it here as Frances told me to do so.
Joey
Thanks for the suggestion, I am going to move this to the right board to make sure your feedback is heard by the right people!
Daniel Urbano
Joey This has been brought to many people internally within ClickUp. Thanks for coming back to make it a priority.
So much needed!
Probably another of my feature request needs to be added here:
Csaba Szabó
Joey
Dear Joey,
I manage our workspace which includes 65 members from 6 different territory and it is very complicate to manage the permissions wihtout any manager like custom field or automation. I guess you can imagine how is the situation now. It would be nice if I can set by member what space/folder/list visible or not .
Csaba