More Restrictive User Permission Level(s)

As our Tulip user base grows, and our use of diverse Tulip functionality is growing, we are finding that the minimum browser-based user role, “Viewer”, is not restrictive enough.

Most non-operator users, such as supervisors, managers, engineers, planners, and other support staff are not app builders but require basic features, such as dashboard/analysis and adding their phone number for SMS functionality. However, there is no role, nor the ability to make a custom user role, that restricts only these basic functions.

The following are our concerns:

Stations - Viewers are able to see station details for active stations, who’s logged in, their player screen, paired interface

Connectors - Viewers can see all connectors and connector functions, including SQL queries exposing database, schema, and table names of external systems.

Edge Devices - Viewers can see IP addresses of Edge devices

Apps - Viewers can test apps, especially hidden or locked steps/functionality they couldn’t otherwise navigate to on a player. Viewers can see trigger configuration.

Interfaces - Viewers can see all interface details. (Count, device type)

Tables - Viewers can see all table data.

Ideally, my suggestion would be to add the “Cannot View” option to all of the categories/sub-categories of the custom user role creation options.

At a minimum, my suggestion would be to have a role which can distinguish between the non-development related functionality and the development functionality in the browser instance.

Hi Wout, these are great points and definitely cover problems across multiple types of Tulip users. Question for you on the dashboard/analysis functionality: do you prefer to create your dashboards within apps, or use the native dashboards feature?

For example, if you make your dashboards within apps, this would become a lot easier for us to solve for.

Regarding dashboards specifically, we prefer the native dashboard feature, simply because it does not require a player setup/access for the user. However, our dashboard development for general users is minimal and for viewing we can use the link share functionality.

Dashboards are not too critical within the scope of my ask. The concern is more compartmentalization of the Tulip functionality. Someone we may want to have access to some table data, we may not want to have access to connector data. Someone we may want to have their phone number paired to receive text from a Tulip app, we may not want to see any apps, tables, connectors, etc. And so on…

Makes sense. We call that “asset level permissions” internally. I don’t have any good solutions at the moment, but we are planning on making improvements here in 2025.

Hi Kevin!
I also have the same question as Wout. Do you have any plans to limit access to users for components and Tables in Tulip?

In the company where I work, we want to limit the table data to specific users. But today, with the viewer access you can view the data information for any App. Is there a way to limit this?

Hi Isabelle, a couple questions:

  1. What is a “component” in Tulip, as you see it? Want to make sure I can address that directly.
  2. When you say limit viewing, are you focused on the experience where operators view table data in the Player? Or app builders view it while building apps in Tulip?

Hi Kevin! Let me explain in more detail:
We would like to create an app that contains sensitive information which will be stored in tables. We would like only the manager to have access to the content of this table. However, we have people in the company who have access as Account Owners, Admins, or even Viewers, so it is possible that they could view the contents of this table. Is there any mechanism that can limit table access so that only one person has access to the content?

To make sure I am clear, would this be on BOTH the Tulip side and the Player side?

In other words, the restriction would apply to both viewing by clicking around the Tables page, as well as ability to view within a running app.

And if this applies to a running app as well, would the way you restrict users differ there?

Hi Kevin!
Hello Kevin! Exactly. I would like only one specific user to have access to a table. This applies both on the Tables page and within the App if I want to show this table. No other user besides this one should be able to view the data contained in this table. Is it possible to limit access like this in Tulip?

Hi Isabelle, two thoughts on this:

  1. In our terms of service, we provide a definition of “Sensitive Personal Information” (Terms of Service | Tulip). If this is an example of that, then I do not recommend storing it in Tulip.
  2. Beyond that, I will need to think further on a solution that crosses Player and the UI. We do not have the concept of limiting the viewing of table records yet. One reason is that it would impact the testing of an app: would the app then only be able to be tested by one person, because they are the only ones that can view the records? So it quickly starts to impact all parts of the app building experience.