I have been facing an issue for a while now and want to get to the bottom of this not just for my own use but to help this community too.
I have looked and delved into row level permissions and been strict with django settings for groups and individual users.
Background for using KoboToolBox
I as part of the IT Team for my company have been asked to develop a system using KoboToolbox on our own server that has three user levels
Super user - can do everything
Admin - can do everything apart from delete things
RLO - who can view forms and submit form data as well as viewing forms she has published.
Contractor - who can only view forms and submit form data
I have set access levels up to a point and viewing and filling the forms has been tested and form data can be turned into reports as required but as a contractor with minimal access these users can still clone the forms alongside delete them, the option to download the xml or xsl is also irrelevant for them.
I have been having this issue for around a month now and still feel like this can be done however I have not found a fix or workaround.
In due course as the business grows i could see this being built and developed so people such as those related to dealing with the administrative side such as Sage and Eque2 being incorporated to KoboToolbox but I’d need these actions for deleting forms and extended privileges sorted in order to make our business tasks more automated and less work within this system.
I have had several discussions and learnt about modifying the source code and I can develop but I’d need a tutorial or someone to tell me steps to take. I can develop and be able to resolve this issue when i get a point in the right direction.
Previous issues: Access Permissions and steps taken so far!