Record-Level Permissions
Control which records users can see based on assignment.
Overview
Breadbox enforces record-level permissions on top of role-based permissions. Users with VIEW or EDIT access to a resource see only records assigned to them. Users with MANAGE access see all records.
How Scoping Works
| Resource | Assignment Field | Effect |
|---|---|---|
| Accounts | accountManagerId | Reps see accounts assigned to them |
| Deals | ownerId | Reps see deals they own |
| Prospects | salesRepId | Reps see prospects assigned to them |
Who Sees What
- Admin — always sees all records (no filtering)
- MANAGE permission — sees all records for that resource
- EDIT or VIEW permission — sees only records assigned to them