Solved

Restricting Access in Navigators

Posted on 2002-06-07
6
291 Views
Last Modified: 2013-12-18
Hi All...
Is there any way to restrict access to various areas of a database at the navigator level?

I inherited a database to maintain.  Upon entering the database, the first thing the user sees is a full screen navigator (no views are shown).  What I'm trying to do is to enable only certain users to view everything in the database.  

Other users that click the navigator buttons to access restricted areas should not be able to.  Is there a way to do this?

I have seen instances where people click a navigator button pointing to restricted views, and the navigator says something like "The view does not exist" or something to that effect.  But then, it takes them into the view anyway.  Hardly an ideal way to restrict access.

Any help would be appreciated.  I'm using R5.

Thanks.  
0
Comment
Question by:Aquilon7
6 Comments
 
LVL 63

Expert Comment

by:SysExpert
ID: 7062360
You can restrict access on the view level, or at the form level.
You should not need to do anything on the navigator.

If you really want to control the message shown, then use either an ACL or a role check on the action used to goto a specific area.

I'll include code in a minute

I hope this helps !


0
 
LVL 24

Accepted Solution

by:
HemanthaKumar earned 100 total points
ID: 7062391
Since you are controlling the navigation thru navigator you can use formula to check if the user is valid user to open the link

eg: if you have a role called Admin, who can see everything but a normal user cannot see the view called "Restricted" then the formula will be like this

@if( @isMember("[Admin]"; @UserRoles) ; @Command([OpenView] ; "Restricted" ); @Prompt([ok]; "No Access"; "Sorry, you don't have access to see this view !") )

You can simulate something like this for all other links

~Hemanth
0
 
LVL 63

Expert Comment

by:SysExpert
ID: 7062396
sample :

I created a new field (always hidden) at the bottom of the Memo, Reply and Reply with History forms with the following validation formula:

@If( (!@Contains(@UpperCase(SendTo); "ALL USERS" : "USERS1" : "USERS2" : "USERS3" ) &
!@Contains(@UpperCase(CopyTo); "ALL USERS" : "USERS1" : "USERS2" : "USERS3" ) &
!@Contains(@UpperCase(BlindCopy); "ALL USERS" : "USERS1" : "USERS2" : "USERS3" )) ;
@Do(@DeleteField; @Return(@Success));
@Success);

CLASS := "Notes";
NOCACHE := "NoCache";
CACHE := "Cache";
SERVER := @Subset(@DbName; 1);
DATABASE := @If(Server = ""; "pnames.nsf"; "names.nsf") ;
VIEW := "Groups";
KEY := "SendToAllUsers";
FIELDNAME := "Members";

AuthList := @DbLookup(CLASS : CACHE; SERVER : DATABASE; VIEW; KEY; FIELDNAME);

@If(@IsMember( @Name([CN]; @UserName);@Name([CN];AuthList));
@Do(@DeleteField; @Return(@Success));
@Failure("You are not authorized to send e-mail to the All Users group. Please address your e-mail to the Bulletin Board database, using the e-mail address \'Bulletin Board\' (without the quotes)."))

All of our users have a cascaded copy of our public NAB, and it is always called "pnames.nsf". So the formula checks if the user is working locally, and does the lookup into the local copy of our public NAB if they are.

hth
Tom McArthur
Dawn Food Products

also
----------------
From: jerrith Date: 11/08/2001 06:37AM PST
Text Below
Question History
Accepted Answer
From: jerrith  Date: 11/08/2001 06:37AM PST  
Okay,
First of all the agent should be signed (saved by) a user that has access to all documents.

First of all, in the database ACL make sure you create all roles that are necessary.
In your case you need
[workflow]
[level1]
To create an extra role, open the database ACL and click on the roles tab. Then click add, to add a
new role.

In the basics tab, select the group you want to have access to documents restricted by a role by putting
a checkmark next to the role while the group is selected. (The roles are summed up on the bottom-right).

I also recommend adding an [admin] role that you assign only to the administrators group. (who should
always be present in all database ACL's with manager rights)

To publish a document, create two action buttons on the form. (In designer open the form and the click
create, action)
First action : Publish End Users
Formula :
FIELD Readers:="";
@command([FileSave]);

Second action : Publish Level1
Formula :
FIELD Readers:="[workflow]":"[level1]":"[admin]";
@command([FileSave]);

You see where I'm going, I guess. When you click the first button, the document will be readable by
everybody, since the readers field is empty, when you click the second button, only the mentioned roles
can read the document.

Also make sure that you only use the buttons when the document is in edit mode, otherwise the FIELD:=
won't work. (I'd recommend using a hide-when option to hide the actions when the document is being read).
 
I hope this helps !
0
Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 8

Expert Comment

by:Jean Marie Geeraerts
ID: 7066256
Cool, I've been quoted from another question :-)

Actually, if this is not a graphic navigator, but just a collection of buttons, you could opt to replace the navigator with an outline.(=new in R5)
When creating an outline entry you can use hide-when formula's to hide the 'menu item' from users that aren't allowed to access it.
You can embed the outline on the about page of the database for example and set the database to automatically launch the about document when it is opened.
Here you can set the properties of the embedded outline so it looks as nice as you want it to.

Hope this was helpful, if not let me know and I'll elaborate if you like.
0
 

Author Comment

by:Aquilon7
ID: 7066892
Thanks to everyone that responded.  Although I'm sure all of the responses would have worked, Hemanth's answer was the easiest to implement.

0
 
LVL 8

Expert Comment

by:Jean Marie Geeraerts
ID: 7069131
You're welcome :)
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

For beginners of Lotus Notes user this is important to know about the types of files and their location supported by IBM Notes. Mostly users are unaware about how many file types are created and what their usages are. This Article is fully dedicated…
Lack of Storage capacity is a common problem that exists in every field of life. Here we are taking the case of Lotus Notes Emails, as we all know that we are totally depend on e-communication i.e. Emails. This article is fully dedicated to resolvin…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question