?
Solved

ACL Choice List

Posted on 2003-02-24
13
Medium Priority
?
274 Views
Last Modified: 2013-12-18
How do I display a list of the DB ACL for choices ina dialogue box on the web?
0
Comment
Question by:fayeb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
13 Comments
 

Author Comment

by:fayeb
ID: 8008983
Sorry, I have worded the question wrong it should be:

How do I display a list of the groups that the current user is a member of?
0
 
LVL 63

Expert Comment

by:Zvonko
ID: 8009056
Ok, do like this:

Create Field of type DialogList
Enter formula for choices same as field name and put it as text without quotas.
I choosed this field name:
ACLentries

So, next enter for this form containing that field a WebQueryOpen agent, like this:
@Command([ToolsRunMacro]; "LookupACL")

Now all you need is ths "LookupACL" agent.
Here it comes:

Sub Initialize
     Dim session As New NotesSession
     Dim db As NotesDatabase
     Dim acl As NotesACL
     Dim aclEntry As NotesACLEntry
     Dim doc As NotesDocument
     Dim item As NotesItem
     Set db = session.CurrentDatabase
     Set doc = session.DocumentContext
     Set item = doc.ReplaceItemValue( "AclEntries", "")
     Set acl = db.ACL
     Set aclEntry = acl.GetFirstEntry
     While Not (aclEntry Is Nothing)
          Call item.AppendToTextList( aclEntry.Name )
          Set aclEntry = acl.GetNextEntry( aclEntry )
     Wend
End Sub

Give it a try.

So long,
Zvonko

0
 
LVL 63

Expert Comment

by:Zvonko
ID: 8009075
Sh!t :-)

The second question is quiet more easy.
Put into your DialogList formula this formula:
@UserNamesList

And remove the entries you do not like.
But try this first and tell me what you see and what you would like to remove from the list.

So long,
Zvonko

0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:fayeb
ID: 8009203
I've tried @UserNameList but it brings back all the roles which is not what I want.

I am trying to allow a superuser who is in all user groups to be able to select which group they would like to log in as so they are able to simulate what another user in that group would see.
0
 
LVL 63

Expert Comment

by:Zvonko
ID: 8009673
Then you have to use my upper agent with this extra if-statement looking for Groups:

Sub Initialize
     Dim session As New NotesSession
     Dim db As NotesDatabase
     Dim acl As NotesACL
     Dim aclEntry As NotesACLEntry
     Dim doc As NotesDocument
     Dim item As NotesItem
     Set db = session.CurrentDatabase
     Set doc = session.DocumentContext
     Set item = doc.ReplaceItemValue( "AclEntries", "")
     Set acl = db.ACL
     Set aclEntry = acl.GetFirstEntry
     While Not (aclEntry Is Nothing)
          If aclEntry.IsGroup Then Call item.AppendToTextList( aclEntry.Name )
          Set aclEntry = acl.GetNextEntry( aclEntry )
     Wend
End Sub

Good luck,
Zvonko

0
 

Author Comment

by:fayeb
ID: 8015592
I cant use webquery open agents
0
 
LVL 63

Expert Comment

by:Zvonko
ID: 8015947
Why not?
0
 

Author Comment

by:fayeb
ID: 8016781
Because the company do not want me to use user triggered agents
0
 
LVL 63

Expert Comment

by:Zvonko
ID: 8016900
Strange...

Ok, then the only option is to filter your ACL entries by some common string in Group names not found in other ACL entries.
The problem is that you can not recognize the entry type when you fetch them by @UserNamesList.
They are all simply strings.

Do you have some eye catcher in your Group names?


0
 
LVL 7

Expert Comment

by:scottrma
ID: 8019486
"select which group they would like to log in as"

You don't authenticate to a server as a GROUP, you authenticate as a USER. When you attempt to access a server, Domino builds a list of groups that you (the user) are in, directly and indirectly (nested groups). It builds this list for 2 reasons:

1) To determine whether you appear in the Deny or Allow access lists for the server

2) For database access

The list is built from looking at the $ServerAccess view in the Public NAB and is cached in memory by the Domino server.

Therefore, you cannot simulate what another user experiences unless you log in as that user or as another user who has exactly the same rights. Just being in the same group as that user is not enough, as Domino automatically builds a list of ALL groups that you are a member of (including nested groups) the minute you access the server.

So you would have to use another ID or web login (if this is a web applicaction) to effectively simulate this.

Regards,

Scott
0
 

Author Comment

by:fayeb
ID: 8823503
I fixed this myself by using a cookie to store user roles instead of using note roles.  This wasn't the most secure option but the data contained is critical data!

I am posting to have this question closed/deleted.
0
 

Accepted Solution

by:
SpideyMod earned 0 total points
ID: 8839666
PAQ'd and points refunded.

SpideyMod
Community Support Moderator @Experts Exchange
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

IBM Notes offer Encryption feature using which the user can secure its NSF emails or entire database easily. In this section we will discuss about the process to Encrypt Incoming and Outgoing Mails in depth.
Notes Document Link used by IBM Notes is a link file which aids in the sharing of links to documents in email and webpages. The posts describe the importance and steps to create a Lotus Notes NDL file in brief.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question