ConfiForms plugin uses and follows Confluence permissions model.
You can restrict ConfiForms controls (such as fields and edit controls) to certain user groups and users, usually a comma separated list is expected (could be mixed of groups and users)
In ConfiForms:
- each form has an administrator(s) - a user(s) who can do all the operations with stored data
- form administrator is the one who has EDIT permissions on the page where form is configured or ConfiForms Form macro has explicitly set this person (or a group) as form administrator
- each stored entry has an owner, a user who has created this entry.
- an owner could change the entry data (unless edit functionality is disabled)
- an administrator could change any entry, he has also permissions to export stored data in XML, CSV, JSON and EXCEL formats
- entry owner is a mutable field and could be changed by a form administrator
- stored data is visible to a user if he has access to the page where form is configured (page VIEW permission)