Search for answers or browse about Sintel Forms.
Recommended Permissions For Forms and Apps
Every application you create can have unique permission requirements but as a general rule we follow a standard approach to applying permissions in a site that uses Sintel Forms and/or Sintel BI. This approach ensures users are able to use the form but also restricts them from editing data that they shouldn’t i.e. they are only granted the access they need. The basic configuration only involves 2 steps as outlined below.
Basic Configuration
Add Everyone
- Add “Everyone” into the Visitors group-make sure to deselect the option to send them an email !!
Once you have done this everyone in your organization can open the site but they only have read access so they can’t add or edit anything.
Break inheritance
Once everyone has been granted read access to a site you next need to grant them contribute access to certain lists/libraries to enable them to use the site, this would typically include:
- The list where you have enabled and configured Sintel Forms
- Any linked lists or libraries (if you are using linked lists)
- If you are using the Conversations feature, the associated (SintelFormsChat_List GUID)
Granting this level of access involves opening the settings of the relevant list/library, opening it’s permissions, breaking permissions inheritance and then changing the Visitors group from Read to Contribute access within that specific list or library.
At this point users in your organisation will be able to submit forms, add linked list or linked library items and participate in Form Conversations.
Advanced Configuration
If security and integrity of your data is important you can take some additional steps to further restrict access to data.
Hide the list data
Given that users will have “Contribute” access to the list from Step 2 above, you can add a filter to the default view of any list using “ID=0”. This filter will ensure that when a user opens the list they won’t see any data because of the filter and they won’t have access to remove the filter. We recommend only doing this on the list on which you configured Sintel Forms and any linked lists.
Hide the lists
To further secure the lists you can prevent them from appearing in the Site Contents by changing the list visibility. This does not revoke users access to the lists and merely prevents the lists or libraries from appearing in the site contents.
If you decide to hide lists or libraries you should consider adding links to those lists/libraries on the Sintel BI navigation menu for certain users or creating specific dashboards for interacting with those lists that you then share with specific users or groups.
Item Level Permissions
For applications requiring the utmost security you can consider enabling item level permissions on the list on which you configured Sintel Forms. This will enable you to restrict what data users can see and edit. While this is easy to enable on a list by list basis you should be aware that some additional configuration may be required to enable admins or other groups to see all the data if required. If you enable item-level permissions they won’t apply to users that have the “Cancel Checkout” permission. This permission is granted by default to all users with the Design permission level or higher.