Users who are granted the overall Query (Configurable Joins - Base Access) and Query (Configurable Joins - Join Access) permissions will be able to build queries on and join to any Record, Related, or System base. More limited access can be granted using:
- Individual base permissions - Click the Expand Permissions link next to Query (Configurable Joins - Base Access) to grant users the permission to create queries using only the selected bases.
- Individual join permissions - Similarly, expanding Query (Configurable Joins - Join Access) enables access to be granted only to specific joins.
- Population-aware query bases - On the Population tab of the user account, granting the Query - Person or Query - Application permission will allow a user to create queries on the Person by Population or Application by Population bases, which will return only records in the populations to which the user has access.
- Custom field permissions - Read permissions set on custom fields are enforced within Configurable Joins exports and filters. If a custom field has a permission set -- and the user does not have that permission -- they will not be able to select the field as an export or filter.
For more on managing Configurable Joins permissions, review the articles in the Controlling Record Access section of the Knowledge Base.