Author role user have access to variables/secrets too of that folder
I am giving a user XYZ access as operator on workspace-level and author of a particular folder. The person is not a developer but a sales team member so he should only be executing the script/flow in that folder.
Currently, the person XYZ can read the script also of that folder (can see the code). I am fine with this.
But the person XYZ can also read the secrets/variables of that folder.
The person XYZ cannot directly see the secrets Variables tab in left-sidebar but if the person goes to url of variables tab, XYZ can see the variables there.
How can i just XYZ access to execute script (fine with read too, for now) but not permission to read the variables.
6 Replies
I have on the backlog to disable operators to decrypt variable
So it will be solved very soon in the frontend and somewhat soon in the api
I also have sales on windmill. Do sales actually run scripts? My solution is to have a folder with all apps they should have access to. Not sure if that would be a solution to you? Then they have not access to scripts or secrets but can run them trough the apps.
Doing everything as app is one way but the proper way is to give read access to secrets and have those secrets not loadable in frontend by operator
Which we need to implement
We will also do a button to easily convert a script or flow as an app
Proper way kind of depends on context. I found this "workaround" to be much better. Sales do not want to understand stuff, just get things done. Creating the simplest possibly app is the best way based on my context.
Fair enough
Let me rephrase, those are 2 alternatives solutions
this will be very helpful
this is good but now i have to learn how to make apps
this will be very fantastic