• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 560
  • Last Modified:

Reader & Author Fields Issue


I have an application where read and write access is controlled by a Reader and an Author field to control viewing and editing access by country.  It isn't working as expected.

Basically I have a document where the Authors field contains the roles:-


The Readers field contains the following roles:-


The ACL is setup as follow:-

"Uk Group" with Reader access only and the [UK] role (to allow anybody in the Uk group to see UK documents)

"Editor Group" with Author access and the [ED] role (to allow them to edit any documents the Readers field allows them to see)

"Power User Group" with the [PU] role (to allow them to edit all documents they can see and also lets them access setup functions)

The idea is that only people in the UK group have the [UK] role and therefore can only see the UK documents and then only people who have either the [ED] or [PU] (Editor or Power User) roles (as well as the [UK] role) can actually edit documents for the UK.

A person setup as as editor for the UK ([ED] and [UK] roles) can incorrectly see other countries documents as well when they should only be able to see UK documents.

Any ideas?  Sorry it's a bit muddled, I can clarify anything if needs be..

Many Thanks

1 Solution
Change the Editor access to Author access and test.
This works as designed : all roles in the Authors field can Read the documents too, even if they are not in the Readers field.

So everybody with an ED role, will see ALL documents that have ED in the Authors field.

Now what can you do about this ?  If you don't have too many countries, you could create a role per country (EDUK, EDUS , etc).
This becomes impractical if you have a lot of roles, and there is a limit to number of roles supported.

Another possibility is to use groups in the Authors field.  There you can use as many groups as you like (eg. Editors_UK, Editors_US), but you 'll have to make sure the people in the groups have access to the database !


IanWoodAuthor Commented:
Thanks for that!

I had a feeling that was what was happening with the authors field overriding the reader, but was hoping otherwise!  I started off with EDUK etc, but as you mentioned there are lots of countries and hit the limit on the number of roles.

Looks like using the groups is the way forward..
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.


Create two groups

UKReaders  - Give Reader Access
UKEditors  - Give Author/Editor Access

Assign both of them to UK Role, and in your document Author field should contain


& Readers field set to

These security fields just leverage the access of the persons to that of ACL.

In this setup when uk reader login, he is at reader access and is not promoted to Author but is set to Reader... Similarly UK Editors login, he is at author level and take the benefit of edit capability on the document

IanWoodAuthor Commented:
Nice one, Cheers!  I'll give it a go and let you know..
One more comment.

If you use any of the group or Role methods, you have to use the
Enforce Consistant ACL, or someone can bypass your ACL settings on a local replica.

I hope this helps !
IanWoodAuthor Commented:

I (finally) tried your suggestion, it works fine for readers, BUT the Editors can see any countries documents and not just their own?  Any way round this or is it back to using group names in the author/reader fields?



PS i've uped the points in an attempt to make up for my tardyness! ;-)
Small correction....Remove [ED]:[UK] from the Authors field.. It is not needed...

This will now properly show the documents that editors are enabled to look at !
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now