Dear Codans (@coda_hq)
The following is not really a bug, but it can be such a big problem, that I feel your attention is required.
For my doc, I have the copy option disabled, which works great and it is absolutely required to secure my document. I also use the locking options to their fullest extend and I also use a lot of filters. With these 3 options, I can make sure my users see what they should see and, more importantly, hide what they should not see.
I am aware of the fact that these options are not meant for absolute (data) security, but they go a long way and if the doc is setup properly, it works pretty good.
Unfortunately, there are a couple of things that can compromise this badly. Sometime last year, a lot of ‘improvements’ where made when copying tables or pages. When copying (within the doc itself, but in particular when copying to another doc, an option box appears allowing for making a view of the table (within the same doc) or asking whether you want to copy to blank tables with only the table headers, copy to table(s) with only the visible rows or copy to table(s) with all rows - visible and invisible (filtered). This last option has me seriously worried, because a user copying a filtered table from a locked page gets, in his private copy, access to all rows when the filters are cleared.
In my opinion a copy of a table from a locked page should go without these options and only copy visible rows (or perhaps don’t allow to make a copy at all).
I really hope you can address this issue, because I am sure that many makers are not aware of this.
There are two other very important issues that compromise docs in unexpected ways.
the canvas column does not respect locking settings, with the result that anyone with acces to a canvas cell, regardless of which table the canvas cell belongs to, has direct access to ALL tables in the document by typing “/table” . Filters, if any, can be cleared, user roles can be altered, financial data can be changed, etc. etc. I can’t imagine that it was meant to work that way.
when looking at a filtered sub table (beautiful feature), for example showing the line items of a proposal, you only see the line items belonging to the current proposal (if setup properly). But when you open a modal of one of those subtable line items, you can scroll through all line item in this subtable (by using the little counter at the bottom of the modal). I have discussed this with support, but I am not sure if or when this will be fixed. There is a workaround, but it not very convenient and it hurts the proper working of other parts of (my) document.
There have been some rumors about a future feature allowing for more fine grained page authorization(s), but if the things mentioned in this post are not addressed, they are not going to be of much help.
I am aware Coda doesn’t shared it’s roadmap, but I hope you will make an exception for the things discussed in this posting, because (for many docs) they are critical.
To all Coda users reading this post: if you agree with the above, please like this post so Codans will recognize the urgency.