Hi, Jon.
Thank you for your answer

So I was thinking....i can filter the displayed values via custom webparts (using Javascript API, eg. QueryWebPart).
This way users see only the rows I want them to see.

And the only real problem is that users are able to click their way to the exposed table (via lookup in query webpart which redirects them to details about the specific item -> and then all they need to do is click "Show grid"

(or simply type the URL - which can be guessed even if I didn't let them know it exists)

both ways redirect them to page with URL like this:
http://localhost:8080/labkey/query/FOLDER_PATH/executeQuery.view?schemaName=coredatamodule&query.queryName=SampleTypes

with whole table data exposed. this seems unfortunate to me.
can't this be made forbidden? (access to this url)

I need them to be able to read (or submit) information from the table, but also want to be able to select which information exactly. There should be no way for them to access the whole table.

I intend to provide manipulation with tables ONLY via custom webparts.

Am i aiming for the impossible?

Best regards,
Martin