Better role permissions in NXT

Users and roles are extremely confusing in NXT. The way they overlap with roles in DB View and their vague descriptions and categories makes most of the job of securing our database a shot in the dark. Even if it had the same permissions as DB View but with the NXT specific stuff added on that would be sufficient.

  • Clayton Loraine
  • Apr 11 2025
  • Reviewed: Voting Open
Security
  • Attach files
  • Karen Diener commented
    27 Mar 14:39

    This is so critical. The security settings in webview alone are not good enough, nor are they clear. Some users may need rights to delete very specific types of data, but that is not allowed. What does it mean to "manage unassigned prospects?" Does that mean you can edit or delete any data if they are unassigned, or does it just mean you can assign them to a fundraiser? This is the thing that makes me the most anxious about webview.

    Attachments Open full size
  • Karen Johnson commented
    September 18, 2025 16:02

    I'm having a difficult time discerning what Roles to assign. For instance, in database view, I have users who can modify an Appeal description, but were not able to in NXT. It took me over an hour to figure it out (that was yesterday, and I couldn't figure out how I came up with the answer that it's in Fundraising Role). The Roles are confusing and vague.

    Attachments Open full size
  • Jennifer Watson commented
    June 06, 2025 15:31

    If someone has "view" only rights should be just that "view only" and not have other rights. Also, if someone has rights to view lists, they should be able to view the list regardless of how it was created.
    There a lot of rights that are connected to each other when they really shouldn't be (same is true in database view).

    Attachments Open full size

Related ideas