Form Level Security

Posted on 2003-11-14
Last Modified: 2013-12-18
Hi all, i have a form which multiple people fill out. Rather than have a different view for each person so they can not see each others forms, how could i have just 1 view and the people would see only forms they submitted. Basically is there a way on the form i can say who ever orginally created this and the admin role can see this particular document, but no one else can.

Jason Incarnato
Question by:unknown45
  • 3
  • 2
  • 2
LVL 31

Expert Comment

ID: 9750377
Add two COMPUTED WHEN COMPOSED readers names field, with the following formulas:

1: @UserName
2: "[Administrator"

(For #2, ths would be to allow reading by anyone that has an ACL role of Administrator.)
LVL 24

Expert Comment

ID: 9750451
Setting up the readers field is the way to go. Not necessarily two fields a single field with multi values will do.

The formula should be like this

@Unique(DocReaders : @UserName : "[AdminRole]")

Second consideration that might have to be taken care would be to Enable "Don't show categories having zero documents" if you have categorized column in the view. This setting is available in Views property .. Advanced tab.

LVL 31

Expert Comment

ID: 9750467

I like two fields because of all the times I've seen people forget to check off "allow multiple values," and then nobody has access.  I've seen top dog Notes guys get themselves in a bind this way!
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

LVL 24

Expert Comment

ID: 9750508
I agree, But there were situations where people forgot the existence of other readers/authors field and get into trouble.

Author Comment

ID: 9750524
I have everyone listed in the access control list of the database and most of them have over reader rights, so then all of them would be able to access this document. If i remove them from the database ACL list then they couldn't access the form correct?
LVL 31

Accepted Solution

qwaletee earned 500 total points
ID: 9750616
I'm not sure what you just said, very confusing language.

Readers fields are an optional setting on documents that restricts who can see the document.  No reader field (or all blank reader fields) provide no restriction.  Adding a readers fields means that only those listed in teh readers field (or the combination of people listed in multiple reads fields) will get to see the document, regardless of ACL settings.  So, the readers field has nothing to do with ACL reader access, or acl author access, or acl manager, etc.

Author fields are different.  They allow "editor" access to a particular document for someone listed in the ACL as Author; otherwise, that person is treated as a reader of the document.  (In addition, the Author field overrides reader restrictions - an author is always treated as a reader, even if not explicitly listed in a reader field.  if there are no reader fields, or only blank reader fields, this does not apply, as there are no reader restrictions there anyway.)

If you are not listed in the ACL at all, then default access applies to the user.

I will reiterate on point: If you are listed in ACL as a reader, but there is a document with a readers field in it, then you will NOT be able to read that document unless you are also in teh reader field for that document. Reader access has NOTHING to do with reader fields.

Author Comment

ID: 9750649
Thanks, Qwaletee. Yes I guess I didn't express myself very clearly but you did a good job a deciphering it!

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Email relaying to outside address 4 170
Problem setting value in rich text field with action 11 59
Lotus notes Formula to trigger Lotusscript 1 632
xss alert in domino url 9 32
You’ve got a lotus Domino web server, and you have been told that “leverage browser caching” is a must do. This means that we have to tell the browser everywhere in the web to use cache. In other words, we set (and send) an expiration date in the HT…
For beginners of Lotus Notes user this is important to know about the types of files and their location supported by IBM Notes. Mostly users are unaware about how many file types are created and what their usages are. This Article is fully dedicated…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question