In our organisation we have a common situation where authors of a form would like to share the form publicly – usually as widely as possible. At the same time we would like to control who can edit the content, and especially, who can access the form responses (because these are often sensitive).
Access lists is a great feature for improving security. Without access control, there is always a risk that the 'edit' link for a document will somehow get into the wrong hands, exposing also form data. However, enabling an access list is unfortunately not an option when a document needs to be shared publicly.
It would be great if access control for viewing a document (or filling in a form) could be decoupled from "author" functions like editing the content, or viewing form responses.
One way of implementing this might be to restrict the functionality exposed by 'edit' links to document owners. Or, perhaps, introduce an 'Authors' tab in the Access dialog (in addition to 'List' and 'Owners'), where specific users can be given author rights.
In any case, huge thanks to everyone involved in making Cryptpad– it's invaluable for us and much appreciated!
