Pipescripts & Security Enhancements
We’re rolling out several new features to enhance security across your app, particularly in Pipescripts and file permissions.
Pipescripts (TB.TriggerPipe) – New Security Controls
To improve control over Pipes triggered via JavaScript, the following features will be live in the coming days:
-
Permission-Based Execution
Pipes can now be restricted to run only if certain conditions are met—such as being triggered by a logged-in user with specific roles or values in the Users table.
-
Auto-Assigned Parameters Based on Logged-In User
You can now set pipe parameters to pull automatically from the logged-in user’s data (e.g., their record ID), eliminating the need to manually pass this via JavaScript.
Example: Automatically set a pipe’s
user_idparameter to the logged-in user without exposing it in the script.
Secure File Updates
Additional options for restricting file downloads are now available:
-
Field-Based Access
Allow downloads only if a field in the record connects to the logged-in user (e.g., a "File Owner" or "Assigned To" field). -
Role-Based Access
Restrict downloads to users with specific roles (e.g., Admins, Managers). -
Connection-Based Access via Junction Tables
Limit downloads to users who are connected to the same company or entity via a shared junction table.
These enhancements give you fine-grained control over file access and help ensure sensitive documents are only viewed by the right users.
We'd love to hear your feedback.