This may be more of a feature request than a discussion, but I am curious if others have had this need and if so, how they have handled it.
We often have instances where it would be nice if someone could have a LiveWhale account but not be able to edit anything with it - “read-only” if you will. This includes situations like:
Someone receives form submission emails that contain attachments. They have to be logged in to LiveWhale to view the attachments, but often form recipients are not LiveWhale editors.
Someone receives form submissions and would like to log in to get the CSV, but they do not need to be able to edit Forms.
Same as above but with Event RSVPs.
Some people need to be able to review hidden content before it goes live, but they have to be logged in to LiveWhale to do that.
From my testing, I cannot even create a LiveWhale user without granting them at least one permission.
I have worked around some things by combining custom fields on the user editor with some backend CSS/JS. Curious if others have similar needs and/or solutions.
While I like the idea proposed, I wonder if in practice that giving these people one of the following would be sufficient?
Newbie - Make edits to public webpages(without “make live”)
Editor - Edit dynamic content(limited to relevant type(s), without “publish”)
I believe I tested these once for student editors with high supervision. #1 can make page drafts, but can’t publish them. #2 can make new content, but cannot publish them nor (I think) edit already published content.
If it works as I remember, anyone misusing these limited permissions (drafting content) would be a nuisance at best. In practice, assuming these are employees, I doubt many if anyone would do more than the few tasks outlined in your list if that’s all they needed.
I don’t need people poking around things they have no business poking around in.
But that’s essentially what I’ve done. For example, I can give someone non-publish access to forms, but then using a custom field on the user editor assign them as a “reviewer”. Then I use that custom field along with CSS/JS to remove any links/buttons that allow them to edit anything. They can really only get to the form submissions at that point.
