Configure permissions

By default, tasks in Airplane have "team access" permissions—anyone on the team can access and execute. Airplane supports role-based access control, allowing you to customize which users have access.

Editing permissions

Editing permissions can be done from the UI or from code. As an example, let's edit permissions for a task in your library by clicking on the "Share" button. (For a guide on creating tasks, see Build a SQL task or Build a task with code).
In the "Share" popover, you can choose between "Everyone at your team" (default) or "Specific members or groups" (explicit permissions).
When specifying explicit permissions, you can choose users or groups to assign "roles" to. "Roles" are groups of permissions that you'll want to apply together, e.g. a "Viewer" role has all the permissions needed to read but not execute a task.
It's recommended to use Groups for permissions. That way, as new users join (or leave) your team, you can add them to groups and automatically grant them all the relevant permissions.
Try adding a group or user with the Requester role, and another with the Viewer role. Make sure the user isn't a Team admin, or else they'll have admin access regardless of these settings.
You can also configure permissions in code in the task configuration. Once task permissions are configured in code, they will no longer be editable in the UI.

Approvals

The Requester role allows you to make use of Airplane's approvals system. When a user has requester but not executer access, they'll see a request button.

Wrapping up

This concludes the getting started guide to Airplane. We've covered creating tasks, views, and more.
As you explore and build on Airplane, you'll find the rest of the documentation helpful in using various integrations and building advanced features. Be sure to check out the Documentation homepage and Resources overview.
If you have any questions or feedback, don't hesitate to reach out: support@airplane.dev.