Setting permissions on your database

Overview

You can control who can see and edit the databases on your site by using permissions settings on each database you create. This can be useful when you need to:

Share confidential information with other managers, but not the entire company.
Post a widely referenced database such as a job postings database, but allow only a few people to edit it.
Allow all team members to enter and update issues in an issue tracking database.

Each database has its own customizable permissions system. The permission system is based on access levels. Each user of a database has an access level that controls what that user is allowed to do. For example, a user with Read access is only allowed to view information in the database, not change any of it. A user with Edit access can view and change information.

The database manager(s) controls the access levels for the database. Initially, the member who creates the database is the only database manager, so that member sets access levels for users. If another member should also be a database manager, give that member Manage access.

Using access levels

There are many database access levels:

Access Level	Rights
No Access	Users can neither see nor use the database. They cannot see the database in the Menu, nor on the Databases page, nor in any other part of the site. (Note that site administrators with No Access can still access databases to change permission levels. This allows administrators to access databases even if all the database managers have left the group.)
Read	Users can view any existing information and can use export to save that information to a file. They cannot add new information to the database, nor can they use import to create new information. They also cannot edit or delete existing information in the database. Users cannot edit the design of the database.
Read & Add	Users can view any existing information and can use export to save that information to a file. They can add information to the database either manually or by importing information from a file. Users with Read & Add access can only edit or delete information they added. They cannot change any information added by other users. Users cannot edit the design of the database.
Read & Add (Own Records Only)	Users can add information to the database either manually or by importing information from a file. Users can only view information they added. They can also edit, delete or export the information they added. They cannot view, edit, delete or export information added by other users. Users cannot change any details of the database design.
Edit	Users can view any existing information and can use export to save that information to a file. They can add information to the database either manually or by importing information from a file. Users can edit and delete any information in the database. They cannot change any details of the database design.
Manage	Users can view, edit, add, and delete any information in the database and any aspect of the database design. They can also export any information to a file, and import information from a file. A member who has Manage access is called a Database Manager. This is a powerful permission level, so use it carefully. Site administrators have access to set permissions on any database; they are thus able to give themselves Manage access if the need arises.

When you create a database, the Database application automatically gives you Manage access and everyone else No Access. While you are developing your database, you may wish to give other people access so they can help you test out the database. Once you're ready to deploy the database to the rest of your members, decide which permissions are appropriate for different members and groups and then change the permissions accordingly.

Setting the permissions for a database

To set permissions for your database:

On the Databases Manage page, click the Permissions link to set the default access level and any special access for specific members or groups.
Click Choose Members to change the list of groups and members that appear.
Use the Add and Remove buttons to change the list of members and groups.
Click Ok when you're done modifying the list of groups and members that you wish to assign special permissions.
Choose the access levels appropriate for the members and groups in the list.
Assign the default access level for all other members.
If guests have access to databases on your site, assign the appropriate access level for guests. Read more about guest access.
Before you save the permissions, review them carefully. The security of your data depends on you assigning the appropriate access levels.
Click Save in the Command Bar when you’re done.

In the following example:

The IT group has Read access to the database. They can view all information in the database, but cannot change any of the information.
The Management group has Edit access, allowing them to view and change any information.
Both Frank Stevens and Melissa Tate are database managers, allowing them to change the database design as well as database information. They can even change these access levels.
The default access level for all other members is Read and Add (own records only). These members can only view information that they themselves added.

This example also shows that guests have No Access. The Guest Access entry appears on the Permissions page only if guests are allowed to access databases on your site. Read more about guest access.

Changing the permissions on a database

You can change the permission settings on a database if you have Manage access level to that database.

To change permission settings on a database:

On the Database Manage page, click the Permissions link .
Click Choose Members to add and remove members or groups from the permissions list if necessary. Removing members and groups from the permissions list resets their access to the default access level. Make your changes, and then click Ok.
Change the access level as needed for each member and group.
Click Save in the Command Bar.

Using member groups for databases

If you find that you frequently give the same permission level to a group of members, ask your administrator to create a member group for them. A group is a subset of members, such as a department, committee, or team represented in your site. With groups, when you set permissions on a database, you can simply select the member group rather than all the member names individually.

Learn how to create a member group.

Guest access

If you permit guest access to your site, you can let guests access databases. You set access permissions for guests on each database just as you do for members. You can assign guests No Access, Read access, or Read & Add access. If you'd like to let guests access your database, but you don't see the Guest Access entry on the database's Permissions page, talk to your site administrator about setting up guest access to your site.

Guests with Read access to a database can view records and activity logs for that database. If you don't wish guests to view activity logs or any sensitive information, you can disable guest access for that database. If you have a database with guest access enabled that contains information in an activity log that you don't want guests to see, follow these steps:

Export the data from your database view
Create a related database with the appropriate fields
Import the data into your related database

Storing your data in a related database ensures that you can set guest permissions on the related database, while your original database view will remain unchanged.

Next step: Create database reports (optional)

Go to Database Reports.