Split Edit and Share Grants

OliverLange

Requirement:

The main requirement is that a customer would like Sharing to have as its own grant on objects rather than combined with Edit grants. It will enable them to have better governance of their instances.

Current Behavior:

The current Edit Cards grant is too broad and allows multiple activities for an end user. We would like to separate the content creation and the content sharing process to avoid data sharing issues.

Enhancement Description:

• An area of concern is Authors with this grant(Edit cards) might end up sharing content with incorrect users. Since data sensitivity is important, this grant introduces high risk of data leaks.
• Priority 1:
  • Break out content edit and sharing into separate grants to allow platform admins to deploy correct grants to avoid incorrect sharing by Authors
• Priority 2:
  • Introduce a new grant that allows users (editors/authors) to share content and datasets only to directory groups and not to any individual users.

Example:

Person A has Editor/Author role in Sandbox

                              He has created datasets, cards & pages in sandbox.

"A" wants to share them with users in sandbox.

"A" is part of 2 directory groups DOMO_ABC and DOMO_XYZ.

After clicking share, "A" should only see the 2 above mentioned directory groups via autofill option.

ColemenWilson

I just submitted a very similar idea topic:

https://community-forums.domo.com/main/discussion/65849/more-grants

Hopefully the squeaky wheel gets the grease here!