• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 194
  • Last Modified:

Running a script as a different userid

I have a database where only people with a certain role have access to a view.  However, I want all users to do a behind the scenes lookup on this status view using the getdocumentbykey method.  It works great for me, but when users who are not assigned to the role run the script, it doesn't work because it can't find the view.  Is there anyway to have the script run for users as though I had clicked the button?  Thanks.
1 Solution
Perhaps you could create a stripped down version of the view containing just the data that you don't mind them seeing (the data that you are looking up).  Then neatly tuck the view away somewhere... I have a directory called system so my lookup views are arranged like (system\customerLookup, system\personLookup etc) but I also use document level security so they can only perform a lookup on the docs they are allowed to see.
mphelAuthor Commented:
I would rather that the people don't even have a stripped down view because they can still click on the document and see the value of fields using the document properties dialog.  I don't think it will be a big problem, but it was just something I wanted to avoid.

I'm guessing that there's no way to do what I originally wanted.
If you only want users to see certain information in the document why don't you encrypt the fields and send the encryption key to the users that you do want to see the info?
Train for your Pen Testing Engineer Certification

Enroll today in this bundle of courses to gain experience in the logistics of pen testing, Linux fundamentals, vulnerability assessments, detecting live systems, and more! This series, valued at $3,000, is free for Premium members, Team Accounts, and Qualified Experts.


Create views for the lookup and hide them, by using bracket notation, i.e. any view surrounded by brackets are hidden from the user ( not always ), if the user is a savvy user he can view the design and scroll through the document in the hidden views.

eg: tempView is always shown, but (tempView) is hidden, but can be looked up.

If u control the hiding by access, then you may have to give the user that access for lookup.

Good luck
Remember, "view" security is no security at all.  If you're trying to keep users from viewing documents purely by placing those documents in a view they cannot access, you really have accomplished nothing.  Protect entire documents with Readers fields, and parts of documents with encryption.
You could hide the view a HemanthaKumar says using the () brackets around the name... This does not stop people opening the view by holding down CTRL+Shift while opening the database...

The best solution for this is to create a bit of code in the QueryOpen event of the view that check whether the person is a member of a role or a group and if they are not sets Continue to false.... That way the user can still use DBLookup or use documentbykey etc to get information from the view , but they cannot open it from the UI  to see all of the documents. ( obviously you remove the other security on the view so they )

Code Example::: Put this is the Query Open Event of the View , checks to see if the user is in the Admin role.. If they aren't it wont let them open the view ... This doesn't effect backend code because is only runs when the view is opened via the UI...

     Const NotesMacro$ = "@IsMember(@UserRoles;""[Admin]"")"
     Dim Ret As Variant
     Ret = Evaluate(NotesMacro$)
     If Cstr(Ret(0)) = "0" Then
          Msgbox "You cannot Access this view"
          Continue = False
          Exit Sub
     End If

Have Fun
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now