Solved

Controlled Access Sections - Anyone can edit!?!?!?

Posted on 2002-07-04
23
379 Views
Last Modified: 2013-12-18
Hello everyone

Right, controlled Access setions..again!!  I have a section that I only want the document creator to be able to edit, so I've got the section formula as computed when composed to the @Username.. simple enough, should work, but no, everyone can still edit the section!!

It's strange because if you double click the section, it says the proper name (i.e. the creator) but still lets everyone edit it anyway, which is quite frustrating!!

Cheers

Ian
0
Comment
Question by:IanWood
  • 9
  • 5
  • 4
  • +2
23 Comments
 
LVL 9

Expert Comment

by:Arunkumar
ID: 7129737
Whats the default ACL in the DB ?
0
 

Author Comment

by:IanWood
ID: 7129797
It's editor.

Does it matter?  I thought that the sections refine the ACL..

I'm out of the office this afternoon, so won't be able to respond for a little while..

0
 

Author Comment

by:IanWood
ID: 7129799
It's editor.

Does it matter?  I thought that the sections refine the ACL..

I'm out of the office this afternoon, so won't be able to respond for a little while..

0
 

Author Comment

by:IanWood
ID: 7129801
It's editor.

Does it matter?  I thought that the sections refine the ACL..

I'm out of the office this afternoon, so won't be able to respond for a little while..

0
 
LVL 9

Expert Comment

by:Arunkumar
ID: 7129808
It works best with Authors....
0
 
LVL 9

Expert Comment

by:Arunkumar
ID: 7129819
Here is the help...

For users who are not listed as editors of the section, the fields appear as read-only. Editor access of the section does not override Editor access in the database access control list (ACL); it only refines it.
0
 

Author Comment

by:IanWood
ID: 7130226
HurraH - Finally managed to dial-in!!

cool, I'll try it with authors instead.. :-)

I'm confused though (nothing new there!!) - What does refine mean then if it's not restrict access further?  

Cheers!!
0
 
LVL 24

Accepted Solution

by:
HemanthaKumar earned 50 total points
ID: 7130255
It doesn't matter if you have author or manager, the control access should work irrespective of the acl rights.

In your case the answer is in the question itself. You said you have @Username as the formula for the controlled access. SO which means any user edits or composes the form by default has edit access to the section.

If your intention was that first time composer can have edit access and subsequent users should just read.. then use @Username, with computed when composed option.

~Hemanth
0
 
LVL 8

Expert Comment

by:Jean Marie Geeraerts
ID: 7131867
Yo Hemanth, this is exactly what Ian did :-)
I always have a lot of problems with controlled access sections too. That's why in most applications, I use editable and computed for display fields.
The editable fields are visible to people that are allowed to update them, the display fields are visible to people that can only read the info in the fields.

Just a 'bypass' suggestion.

Regards,
JM
0
 

Author Comment

by:IanWood
ID: 7132029
Cool, but I'd have to redesign the whole form :-( I can use it in a few other things I'm working on though..

I haven't had a chance to try yet, but I'll see if I can get away with using authors.. can't believe sections are this crap!! They seemed to be working properly a while ago..

By the way, Jerrith, do you hide the design of the db to stop users accessing info other ways (personal views/document properties etc.)?

Cheers

Ian
0
 
LVL 24

Expert Comment

by:HemanthaKumar
ID: 7132040
JM, controlled access sections are really powerful when you use it properly.

BTW, Ian what is your requirement ?
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:IanWood
ID: 7132059
Cool, but I'd have to redesign the whole form :-( I can use it in a few other things I'm working on though..

I haven't had a chance to try yet, but I'll see if I can get away with using authors.. can't believe sections are this crap!! They seemed to be working properly a while ago..

By the way, Jerrith, do you hide the design of the db to stop users accessing info other ways (personal views/document properties etc.)?

Cheers

Ian
0
 

Author Comment

by:IanWood
ID: 7132074
Why do my posts keep erm 'posting' themselves?!?!?

Just to control access to the originator in this case, but I do have others db's in progress where the sections need to work for different names fields depending on the status but the prinicple is the same..

It's weird, even though the section says one name when double clicked it just seems to ignore it!!


 
0
 

Author Comment

by:IanWood
ID: 7132181
Why do my posts keep erm 'posting' themselves?!?!?

Just to control access to the originator in this case, but I do have others db's in progress where the sections need to work for different names fields depending on the status but the prinicple is the same..

It's weird, even though the section says one name when double clicked it just seems to ignore it!!


 
0
 
LVL 24

Expert Comment

by:HemanthaKumar
ID: 7134296
BTW, what version of notes do you have ?

ComputedWhencomposed should work fine for the case of originator.

Try not to refresh the web page after the post, use reload question link.
0
 
LVL 8

Expert Comment

by:Jean Marie Geeraerts
ID: 7137310
If fields are only to be read by certain people and security is important, I use encryption keys. This way the user needs the correct encryption key to read the field and the value does not show up in the design tab of the document properties.
For web use, this is not an issue, since the user can't see anything you don't show on the web :-)

I do most of my design work for web applications and I don't like the way the sections look in a web interface, that's the main reason why I use display fields. That way I control the layout of my forms the way I want.

I guess controlled access sections and I have a hate/love affair. They're very useful in some cases, a pain on other occasions. :-)
0
 

Author Comment

by:IanWood
ID: 7137324
They're certainly being a pain for me..

Version 5.0.8

0
 
LVL 24

Expert Comment

by:HemanthaKumar
ID: 7138837
Create a hidden field called control as computedwhencomposed with @username in it and then use that field value into your controlled access section... See if it does some good !
0
 
LVL 8

Expert Comment

by:Jean Marie Geeraerts
ID: 7139765
And in that case, shouldn't he also use "Computed" for the controlled access section in stead of "computed when composed"?

One reason why I don't like these sections is that when authorization for the document changes, it happens to me that the old person still has access and the new person doesn't and I have a hell of a time figuring out why. (I usually find the solution eventually, though)
0
 
LVL 24

Expert Comment

by:HemanthaKumar
ID: 7140448
It doesn't matter if it is a computed for display or computed or computed when composed. This is to check if there is any bug in the release.

To avoid locking down of the document, you as well include a global role which will be present in all documents, which is a normal practice !
0
 
LVL 8

Expert Comment

by:Jean Marie Geeraerts
ID: 7140457
I agree, Hemanth.
I always tend to have the role [ADMIN] in all non-blanc reader fields to make sure that at least an administrator can view/edit the document in case of problems.
0
 
LVL 63

Expert Comment

by:Zvonko
ID: 11250745
IanWood,
No comment has been added to this question in more than 699 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:

RECOMMENDATION: Award points to HemanthaKumar http:#7130255

Any objections should be posted here in the next  4  days. After that time, the question will be closed.

Thanks,
Zvonko
EE Cleanup Volunteer
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Lack of Storage capacity is a common problem that exists in every field of life. Here we are taking the case of Lotus Notes Emails, as we all know that we are totally depend on e-communication i.e. Emails. This article is fully dedicated to resolvin…
This article covers general Notes 8.5 troubleshooting information including recreating the Notes\Data folder.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now