We're updating the issue view to help you get more done. 

Permissions to restrict editing of spreadsheets

Description

Companies often need to manage spreadsheets of info (e.g. inventory, customer lists), and having this info in PlaySQL Spreadsheets would be ideal. However there are two major problems:

  1. anyone with 'Create page' permission can edit a spreadsheet

  2. there is no tracking of what changes were made
    Problem #2 might be acceptable if permissions could be locked down to trusted users.

Result

I thought it would be complicated to use a different database user/password, but it is not, so I've implemented this part. It will be possible to override permissions at a space level:

  • For each permission (VIEW/EDIT/Structure/ADMIN), it is possible to either extend the space permissions or require another group.

  • For each permission, it is possible to specify a database user.

  • If you are using a JNDI connection, please use C3P0 instead of DBCP. The JNDI datasource is declared in the file server.xml. Our documentation has been updated from a DBCP example to a C3P0 example - See Declaring JNDI datasources for Confluence. The reason is, C3P0 allows using a JNDI datasource and overriding the user/password each time we connect with a different user, and that was not possible with DBCP.

There are the following drawbacks:

  • Permissions aren't inherited. You must define them for VIEW, EDIT, Structure, ADMIN, even if they use the same settings.

Environment

None

Observations

None

Status

Assignee

Adrien Ragot (Play SQL / RY)

Reporter

Jeff Turner

Labels

None

Participants

None

Fix versions

Priority