It would be great if access controls were designed around the concept of CRED (Create, Read, Edit & Delete) permissions where applicable. Currently, there is an inconsistent approach to what controls can be selected with ACLs, which can be confusing to configure and limit security that can be configured.
As an example, as far as I'm aware it's not possible to make a form context field available to a user without giving them the ability to edit it.
Apologies for putting this request into the Scheduling & Coordination topic, but there wasn't a topic where this fit.
Please sign in to leave a comment.