Hi Martin,

Your assessment is correct. Permissions are typically on the project and folder level in addition to roles.

At this time, the only other security that is a little more granular is tied to Study, specifically securing datasets. So unless your custom module is designed to emulate the Study module, the only way to prevent anyone from accessing those specific tables is to deny them any access to that folder or project, even as a reader.

For more information on LabKey security, please visit the following links:

https://www.labkey.org/wiki/home/Documentation/page.view?name=security
https://www.labkey.org/wiki/home/Documentation/page.view?name=configuringPerms
https://www.labkey.org/wiki/home/Documentation/page.view?name=studySecurity

Regards,

Jon