Team Permissions
Understand the different access levels for team members.
Permission Levels
Simpl offers two permission levels for team members:
| Level | Description |
|---|---|
| Viewer | Can browse and search data, but cannot make changes |
| Editor | Can browse, search, and edit data inline |
The connection Owner has full control, including team management.
Viewer Permissions
Viewers have read-only access to the database connection.
What Viewers Can Do
- Browse all tables in the schema
- View record lists and details
- Use search functionality
- Apply filters and sorting
- Navigate relationships
- View the schema diagram
- Customize their own layout preferences
- Export data to CSV or JSON
- Use keyboard shortcuts
What Viewers Cannot Do
- Edit or modify any data
- Delete records
- Change connection settings
- Invite or manage team members
Best For
- Stakeholders who need visibility into data
- Support staff looking up customer information
- Analysts reviewing database contents
- Anyone who should see but not modify data
Editor Permissions
Editors have read and write access to the database.
What Editors Can Do
Everything Viewers can do, plus:
- Edit field values inline in detail view
- Modify records directly in the database
What Editors Cannot Do
- Delete records (not yet supported in Simpl)
- Change connection settings
- Invite or manage team members
Best For
- Developers who need to fix data issues
- Operations staff maintaining records
- Content managers updating information
- Anyone who needs to make data corrections
Owner Privileges
The connection owner has full administrative control.
Exclusive Owner Capabilities
- Invite new team members
- Remove existing team members
- Change member permission levels
- Update connection settings
- Delete the connection entirely
Ownership Transfer
Currently, connection ownership cannot be transferred. If the owner needs to leave, they should:
- Ensure someone else creates a new connection
- Transfer knowledge of the connection details
- Delete their original connection
Permission Comparison
| Capability | Viewer | Editor | Owner |
|---|---|---|---|
| Browse tables | Yes | Yes | Yes |
| Search records | Yes | Yes | Yes |
| Apply filters | Yes | Yes | Yes |
| View relationships | Yes | Yes | Yes |
| View schema diagram | Yes | Yes | Yes |
| Customize layout | Yes | Yes | Yes |
| Export data | Yes | Yes | Yes |
| Edit records | No | Yes | Yes |
| Manage team | No | No | Yes |
| Edit connection | No | No | Yes |
| Delete connection | No | No | Yes |
Changing Permissions
Who Can Change Permissions
Only the connection owner can modify team member permissions.
How to Change
- Open the team panel from any table view
- Find the team member in the list
- Use the dropdown to select their new permission level
- Changes apply immediately
Effect of Permission Changes
When you upgrade a Viewer to Editor:
- They can immediately start editing data
- No notification is sent
When you downgrade an Editor to Viewer:
- They lose edit capability immediately
- Any unsaved edits are lost
- No notification is sent
Database-Level Permissions
Important Note
Simpl permissions control what users can do through the Simpl interface. The underlying database connection uses your credentials.
This means:
- Simpl respects your database's constraints
- Editors can only modify data the database user has access to
- If your database user is read-only, even Editors can't write
Recommendation
For maximum security:
- Use a database user with appropriate privileges
- Consider separate connections with different database users for different permission needs
- Rely on database-level constraints as the source of truth
Security Considerations
Audit Trail
Simpl doesn't maintain its own audit log of who made what changes. All edits appear as the connection's database user.
For audit requirements:
- Implement database-level audit triggers
- Use PostgreSQL's built-in audit features
- Consider application-level logging
Access Revocation
When you remove a team member:
- Access is revoked immediately
- They cannot view or edit any data
- Cached data in their browser may persist briefly