After implementing the Account Settings view in our app, we’ve noticed that any board user has access to the Account Settings view via the app’s item view.
We’ve tried with a user that has only viewing access in a board and the user could still open the Account Settings view from the app’s item view.
From our initial understanding (and from the documentation page), Account Settings should represent global settings that impact the entire account. From our experience, these kinds of settings are normally administrator-only, or at least configurable with a permission rule of sorts.
My question is; is it intended for any user to be able to access account-wide settings?
If not, is there something we might have missed in our app’s design or is it something that should be looked at by your team?
We considered checking for admin access to, at the minimum, make the settings readonly, but would like monday’s take on the matter. Especially since a user with read-only rights can open the Account Settings.
Did any of your customers contact you after seeing a 404 page?
I completely agree with you that it certainly isn’t ideal.
Thank you for the reply and the link to the feature request section.
I mainly wanted to know monday’s stance on the subject before creating a feature request.
As I said in my initial post, Account Settings are global settings that impact the whole account. Yet view-only users can access the UI, and nothing about “who can access it” is documented anywhere.