Connected Table: checkbox to allow / not allow the creation of new records

When you have a connected table, there is always the option to create new records.

However, sometimes you are using the connected table as a list of fixed options, with only some people or some processes being able to create new options.

Although you can just go and set permissions, the user still has the option to reach the form of that table. And only when trying to save, he will get the “Unauthorized” message.

But imagine its a table with many fields. User will fill all those fields just to discover he can´t save them after losing his time.

Apparently the part below doesn´t happen. Connected tables that you don´t have access don´t appear inside connected tables you don´t have edit access but can see the form.

WORSE, it’s a security issue, because the user ALWAYS has access to SEE the form of that table even if the user doesn´t have access to that table.

Let’s imagine I have a table with data user should NOT see. Lets say table X
That table is linked to another table, table Y. So, from table Y, user can see some data from table X.

Now, I have this user which only has access to table Z. Table Z is connected to table Y so you can select records from table Y.

But I don´t want this user to create new records from table Y. And much less I want him to see the secret records of table X.

So he does not have access to any of those.

However, from table Z, user has the OPTION to create new record at table Y. He won´t be able to save, true.

However, when he sees the form of table Y, he now can see records from table X, which are ultra secret!

Let me be more clear here.

This is the “Testador” role… and his tabs permissions

so this role doesn´t have the permission to view the table Probabilidade and the table Consequência. Nor to edit them. Those two tables however are related to the table RiscoAnalise, which the role DOES have access to.

Ok, so far, so good.

The weird thing is that the role can access the Probabilidade and Consequencias forms AS if it could edit them

Not only that, but he has the option to “CREATE NEW”, which he should not have, as he doesn´t have access to it.

But even if this role HAD access to it, I may not want this role to be able to change the original table by accident, that is, from the RiskAnalysis table. Which is why I think connected tables should have a checkbox to allow or not users to create new itens or edit itens already existing.