We're updating the issue view to help you get more done. 

Spreadsheet view allows editing fields and records that the user does not have access to

Description

I've just done some experimenting with editable displays in 1.6 and 1.7, and even if users have been marked as not having access to the base record type (eg researcher role on the demo server at demo.collectiveaccess.org), they can edit records that they should not be able to. Is there a simple access check that can be made before updating the field at least, or at least a flag for 'can use editable view' for the role?

Environment

None

Assignee

User known

Reporter

Kehan Harman

Labels

None

Components

Affects versions

Priority

Blocker
Configure