User permissions and form entries

user5f407601bcbf7293 · April 8, 2021, 1:29am

I am trying to get an understanding of how granular access permissions are handled in GF. How would the following scenarios be handled:

User1 submits entry 1, 2 and 3 for form 1.
User2 submits entry 4, 5 and 6 for form 1.

How are permissions set-up to allow User1 to only access their submissions (1, 2 and 3), and User2 to only access their submissions (4, 5 and 6)?

Are these access permissions also replicated in the API, where User1 can only access their submissions, for example:

https://mywebsite.com/wp-json/gf/v2/entries/1

… and User2 can only access theirs, for example:

https://mywebsite.com/wp-json/gf/v2/entries/4

Thanks,
Andy

chrishajer · April 6, 2021, 6:32pm

Hi Andy. The permissions in Gravity Forms are not granular at all. They are for all entries, or all forms, not specific to any specific user. There is an add-on from ForGravity called “Advanced Permissions” which could probably help you out:

user6023ec2941eda858 · April 8, 2021, 1:34am

If the ForGravity add-on doesn’t provide what you require specific to permissions, or you want something that provides more front-end presentation/control, perhaps either Gravity View (with it’s Advanced Filtering add-on) or Gravity Flow with its’ inbox and status shortcode/blocks to let you be granular about who sees which entries. As one example, with Gravity Flow and its’ gravityflow_status_filter you can provide more complex logic that uses the same search criteria formats as GFAPI::get_entries.