Enterprise

Signature

Access & Security

Dynamic Record Permissions

Dynamic Record Permissions is now generally available. Solution Managers can build table-level rules that restrict who can View, Edit, Create, or Delete records, with scope down to individual tabs and sections and conditions tied to field values. GRC programs locking completed policies, audit programs making engagements read-only on completion, and security teams walling off sensitive records all now have a control surface that matches how their governance actually works.
Key Highlights
  • Cohort-Based Targeting: Pick Everyone, Only Selected, or Everyone Except as the audience, with a mix of teams, individual members, and permission types as the picker options. One rule can target a Team plus a permission type plus a named user in a single audience.
  • Four Restriction Types, Scoped Three Ways: View, Edit, Create, and Delete restrictions, each scoped to the whole Record, to selected Tabs, or to selected Sections, with optional conditions tied to Status, Single Select, Multiple Select, or Yes/No fields.
  • Sentence-Builder Rule Authoring: Build rules in plain language ('Sales Team can't edit records when Status = Completed') instead of writing logic by hand. Each rule has a title, description, audience, and one or more restrictions.
  • Layered Conflict Resolution: Multiple rules for the same cohort apply the strictest rule (least privilege). When a person belongs to multiple cohorts with conflicting rules, the least strict rule wins (optimistic) so collaboration is preserved. Record-scope rules take priority over Tab, then Section.
  • View As, Validation, and Safe Deletion: Test any rule by using View As to see it as the selected user. Invalid rules (missing audience, deleted tab, broken condition) auto-mark themselves invalid and stop applying. Tabs and Sections that a rule depends on cannot be deleted without first cleaning up the rule.
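The layered conflict resolution described above, modelled as an added example (not the product's own code): restrictions inside one cohort are unioned (strictest wins) and restrictions across a member's cohorts are intersected (least strict wins), which shows how adding someone to a second cohort can lift a restriction. Assumptions: Record scope only (Tab and Section priority is left out), each audience reduced to one named cohort, cohorts with no rules ignored; the `Auditors` cohort, the sample rules and all function names are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    cohort: str        # audience, simplified to a single named cohort (assumption)
    action: str        # "view", "edit", "create" or "delete"
    when: tuple = ()   # ((field, value), ...); empty tuple means "Always"

    def applies(self, record):
        return all(record.get(field) == value for field, value in self.when)


def restricted_actions(rules, user_cohorts, record):
    """Actions the user is denied on this record after both resolution layers."""
    per_cohort = {}
    for rule in rules:
        if rule.cohort in user_cohorts:
            denied = per_cohort.setdefault(rule.cohort, set())
            if rule.applies(record):
                denied.add(rule.action)      # layer 1: same cohort, strictest (union)
    if not per_cohort:
        return set()                         # no rule targets this user
    # layer 2: several cohorts, least strict (intersection)
    return set.intersection(*per_cohort.values())


def loosened_by(rules, base_cohorts, extra_cohort, record):
    """Restrictions that disappear when the user also joins extra_cohort."""
    before = restricted_actions(rules, base_cohorts, record)
    after = restricted_actions(rules, base_cohorts | {extra_cohort}, record)
    return before - after


# Constructed sample rules; the first mirrors the sentence-builder example on this page.
RULES = [
    Rule("Sales Team", "edit", (("Status", "Completed"),)),
    Rule("Sales Team", "delete"),
    Rule("Auditors", "delete"),
]
COMPLETED = {"Status": "Completed"}

if __name__ == "__main__":
    print(restricted_actions(RULES, {"Sales Team"}, COMPLETED))
    print(restricted_actions(RULES, {"Sales Team", "Auditors"}, COMPLETED))
    print(loosened_by(RULES, {"Sales Team"}, "Auditors", COMPLETED))
```

Running `loosened_by` over each planned team change before it is made gives a reviewable list of restrictions the change would remove, which View As can then confirm in the product.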
How It Works
  • Open a table you manage and go to the new Permissions section in table settings; this is where Record Level Permission rules live alongside the existing table-level permissions.
  • Click Add Rule, give it a Title (unique within the table) and an optional Description, then specify Who this rule applies to (Everyone, Only Selected, Everyone Except) and pick teams, members, or permission types.
  • Add one or more restrictions per rule: pick the action (View, Edit, Create, Delete), pick the scope (Record, Tab, Section), and choose Always or When conditions are true. Use the sentence-builder control to compose the condition.
  • Save the rule and it becomes effective immediately. There is no draft/publish state. Use View As on any rule's audience to verify the experience the restricted user will see.
  • Edit, duplicate, or delete rules from the Rules Overview page; conflicting rules resolve automatically per the documented priority order.
A note on the upgrade path: customers who used Dynamic Record Permissions in the early access period get the GA experience with no migration work.