Make Group Sharing Restrictive for Organization-Published Artifacts
N
Noah Jones
Problem:
Currently, when publishing an artifact to Organization level and selecting specific groups, the group selection acts only as a notification layer—it does not restrict access. All workspace members can still view the artifact regardless of group selection.
This is:
Misleading UI — the "select groups" option suggests access control but doesn't provide it
A security concern — sensitive, department-specific artifacts cannot be truly restricted
Incomplete for governance — no way to enforce department-level access control for sensitive content
Requested Behavior:
When groups are selected during Organization artifact publishing, access should be restricted to those groups only. Unselected workspace members should not be able to view the artifact.
Use Case:
Department-level access control—e.g., Finance department artifacts shouldn't be visible to all workspace members, only Finance team members.
Current Workaround:
Keep sensitive artifacts Private (but this prevents broader sharing within approved groups).