Controlled Access Sections - Anyone can edit!?!?!?

Hello everyone

Right, controlled Access setions..again!!  I have a section that I only want the document creator to be able to edit, so I've got the section formula as computed when composed to the @Username.. simple enough, should work, but no, everyone can still edit the section!!

It's strange because if you double click the section, it says the proper name (i.e. the creator) but still lets everyone edit it anyway, which is quite frustrating!!

Cheers

Ian
IanWoodAsked:
Who is Participating?
 
HemanthaKumarConnect With a Mentor Commented:
It doesn't matter if you have author or manager, the control access should work irrespective of the acl rights.

In your case the answer is in the question itself. You said you have @Username as the formula for the controlled access. SO which means any user edits or composes the form by default has edit access to the section.

If your intention was that first time composer can have edit access and subsequent users should just read.. then use @Username, with computed when composed option.

~Hemanth
0
 
ArunkumarCommented:
Whats the default ACL in the DB ?
0
 
IanWoodAuthor Commented:
It's editor.

Does it matter?  I thought that the sections refine the ACL..

I'm out of the office this afternoon, so won't be able to respond for a little while..

0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
IanWoodAuthor Commented:
It's editor.

Does it matter?  I thought that the sections refine the ACL..

I'm out of the office this afternoon, so won't be able to respond for a little while..

0
 
IanWoodAuthor Commented:
It's editor.

Does it matter?  I thought that the sections refine the ACL..

I'm out of the office this afternoon, so won't be able to respond for a little while..

0
 
ArunkumarCommented:
It works best with Authors....
0
 
ArunkumarCommented:
Here is the help...

For users who are not listed as editors of the section, the fields appear as read-only. Editor access of the section does not override Editor access in the database access control list (ACL); it only refines it.
0
 
IanWoodAuthor Commented:
HurraH - Finally managed to dial-in!!

cool, I'll try it with authors instead.. :-)

I'm confused though (nothing new there!!) - What does refine mean then if it's not restrict access further?  

Cheers!!
0
 
Jean Marie GeeraertsApplication EngineerCommented:
Yo Hemanth, this is exactly what Ian did :-)
I always have a lot of problems with controlled access sections too. That's why in most applications, I use editable and computed for display fields.
The editable fields are visible to people that are allowed to update them, the display fields are visible to people that can only read the info in the fields.

Just a 'bypass' suggestion.

Regards,
JM
0
 
IanWoodAuthor Commented:
Cool, but I'd have to redesign the whole form :-( I can use it in a few other things I'm working on though..

I haven't had a chance to try yet, but I'll see if I can get away with using authors.. can't believe sections are this crap!! They seemed to be working properly a while ago..

By the way, Jerrith, do you hide the design of the db to stop users accessing info other ways (personal views/document properties etc.)?

Cheers

Ian
0
 
HemanthaKumarCommented:
JM, controlled access sections are really powerful when you use it properly.

BTW, Ian what is your requirement ?
0
 
IanWoodAuthor Commented:
Cool, but I'd have to redesign the whole form :-( I can use it in a few other things I'm working on though..

I haven't had a chance to try yet, but I'll see if I can get away with using authors.. can't believe sections are this crap!! They seemed to be working properly a while ago..

By the way, Jerrith, do you hide the design of the db to stop users accessing info other ways (personal views/document properties etc.)?

Cheers

Ian
0
 
IanWoodAuthor Commented:
Why do my posts keep erm 'posting' themselves?!?!?

Just to control access to the originator in this case, but I do have others db's in progress where the sections need to work for different names fields depending on the status but the prinicple is the same..

It's weird, even though the section says one name when double clicked it just seems to ignore it!!


 
0
 
IanWoodAuthor Commented:
Why do my posts keep erm 'posting' themselves?!?!?

Just to control access to the originator in this case, but I do have others db's in progress where the sections need to work for different names fields depending on the status but the prinicple is the same..

It's weird, even though the section says one name when double clicked it just seems to ignore it!!


 
0
 
HemanthaKumarCommented:
BTW, what version of notes do you have ?

ComputedWhencomposed should work fine for the case of originator.

Try not to refresh the web page after the post, use reload question link.
0
 
Jean Marie GeeraertsApplication EngineerCommented:
If fields are only to be read by certain people and security is important, I use encryption keys. This way the user needs the correct encryption key to read the field and the value does not show up in the design tab of the document properties.
For web use, this is not an issue, since the user can't see anything you don't show on the web :-)

I do most of my design work for web applications and I don't like the way the sections look in a web interface, that's the main reason why I use display fields. That way I control the layout of my forms the way I want.

I guess controlled access sections and I have a hate/love affair. They're very useful in some cases, a pain on other occasions. :-)
0
 
IanWoodAuthor Commented:
They're certainly being a pain for me..

Version 5.0.8

0
 
HemanthaKumarCommented:
Create a hidden field called control as computedwhencomposed with @username in it and then use that field value into your controlled access section... See if it does some good !
0
 
Jean Marie GeeraertsApplication EngineerCommented:
And in that case, shouldn't he also use "Computed" for the controlled access section in stead of "computed when composed"?

One reason why I don't like these sections is that when authorization for the document changes, it happens to me that the old person still has access and the new person doesn't and I have a hell of a time figuring out why. (I usually find the solution eventually, though)
0
 
HemanthaKumarCommented:
It doesn't matter if it is a computed for display or computed or computed when composed. This is to check if there is any bug in the release.

To avoid locking down of the document, you as well include a global role which will be present in all documents, which is a normal practice !
0
 
Jean Marie GeeraertsApplication EngineerCommented:
I agree, Hemanth.
I always tend to have the role [ADMIN] in all non-blanc reader fields to make sure that at least an administrator can view/edit the document in case of problems.
0
 
ZvonkoSystems architectCommented:
IanWood,
No comment has been added to this question in more than 699 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:

RECOMMENDATION: Award points to HemanthaKumar http:#7130255

Any objections should be posted here in the next  4  days. After that time, the question will be closed.

Thanks,
Zvonko
EE Cleanup Volunteer
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.