Solved

Running a script as a different userid

Posted on 2000-03-28
6
180 Views
Last Modified: 2013-12-18
I have a database where only people with a certain role have access to a view.  However, I want all users to do a behind the scenes lookup on this status view using the getdocumentbykey method.  It works great for me, but when users who are not assigned to the role run the script, it doesn't work because it can't find the view.  Is there anyway to have the script run for users as though I had clicked the button?  Thanks.
0
Comment
Question by:mphel
6 Comments
 
LVL 5

Expert Comment

by:snocross
ID: 2665349
Perhaps you could create a stripped down version of the view containing just the data that you don't mind them seeing (the data that you are looking up).  Then neatly tuck the view away somewhere... I have a directory called system so my lookup views are arranged like (system\customerLookup, system\personLookup etc) but I also use document level security so they can only perform a lookup on the docs they are allowed to see.
0
 

Author Comment

by:mphel
ID: 2667557
I would rather that the people don't even have a stripped down view because they can still click on the document and see the value of fields using the document properties dialog.  I don't think it will be a big problem, but it was just something I wanted to avoid.

I'm guessing that there's no way to do what I originally wanted.
0
 

Expert Comment

by:srandrews
ID: 2668516
If you only want users to see certain information in the document why don't you encrypt the fields and send the encryption key to the users that you do want to see the info?
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 24

Expert Comment

by:HemanthaKumar
ID: 2668898
Hi

Create views for the lookup and hide them, by using bracket notation, i.e. any view surrounded by brackets are hidden from the user ( not always ), if the user is a savvy user he can view the design and scroll through the document in the hidden views.

eg: tempView is always shown, but (tempView) is hidden, but can be looked up.

If u control the hiding by access, then you may have to give the user that access for lookup.

Good luck
~Hemanth
0
 
LVL 1

Expert Comment

by:sk5t
ID: 2671206
Remember, "view" security is no security at all.  If you're trying to keep users from viewing documents purely by placing those documents in a view they cannot access, you really have accomplished nothing.  Protect entire documents with Readers fields, and parts of documents with encryption.
0
 
LVL 3

Accepted Solution

by:
Simon_Hendry earned 100 total points
ID: 2671343
You could hide the view a HemanthaKumar says using the () brackets around the name... This does not stop people opening the view by holding down CTRL+Shift while opening the database...

The best solution for this is to create a bit of code in the QueryOpen event of the view that check whether the person is a member of a role or a group and if they are not sets Continue to false.... That way the user can still use DBLookup or use documentbykey etc to get information from the view , but they cannot open it from the UI  to see all of the documents. ( obviously you remove the other security on the view so they )


Code Example::: Put this is the Query Open Event of the View , checks to see if the user is in the Admin role.. If they aren't it wont let them open the view ... This doesn't effect backend code because is only runs when the view is opened via the UI...


     Const NotesMacro$ = "@IsMember(@UserRoles;""[Admin]"")"
     Dim Ret As Variant
     
     Ret = Evaluate(NotesMacro$)
     If Cstr(Ret(0)) = "0" Then
          Msgbox "You cannot Access this view"
          Continue = False
          Exit Sub
     End If


Have Fun
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Lotus Notes Mail Database issues 2 894
Lotus Notes - Broken Links report 5 201
Entry not found in index or view's index not built 4 83
Domino Website - Redirection 12 47
I thought it will be a good idea to make a post as it will help in case someone else faces these issues. I trust this gives an idea how each entry in Notes.ini can mean a lot for the Domino Server to be functioning properly. This article discusses t…
For beginners of Lotus Notes user this is important to know about the types of files and their location supported by IBM Notes. Mostly users are unaware about how many file types are created and what their usages are. This Article is fully dedicated…
A short film showing how OnPage and Connectwise integration works.
Concerto provides fully managed cloud services and the expertise to provide an easy and reliable route to the cloud. Our best-in-class solutions help you address the toughest IT challenges, find new efficiencies and deliver the best application expe…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now