Prevent read only users from deleting documents

I have a form and on this form, there are 2 fields which is an editable Readers field called AuthorizedReader and an editable Authors field call AuthorizedAuthor.
AuthorizedReader(consist of multi-values) can only read the document
AuthorizedAuthor(consist of multi-values) can read and edit and also delete document.

There are many documents in this db, thus users in AuthorizedReader field in document A may be users in AuthorizedAuthor field in document B.


How do I code my form to make it tat only users in field AuthorizedAuthor can delete the document, disallowing users in AuthorizedReader from deleting?

Pls advise.
Thank you.
kopibeanAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Bozzie4Connect With a Mentor Commented:
In my method, it's really necessary to create a view to show all deleted documents.  You don't have to show that view to anyone, though.
Use a name like (Deleted Documents) (the brackets will hide it from the default outlines), and set read restrictions on it.

Now create an agent, with formula
SELECT @adjust(@today;0;0;-14;0;0;0) > @modified;
@DeleteDocument

And a selection 'only document in folder :  (Deleted Documents)'  .  Schedule this agent to run every day (at night), and sign it with an id that can read all documents (can be yours)

This does not handle the situation where you deleted documents that have responses !  You'll need a more sophisticated agent for that.  But the standard delete does not handle that either :-)

Anyway, an Author can only delete a document that he or she can edit (hence, where he/she is in the Authors field, or when there isn't an Authors field, that he/she created)

cheers,

Tom
0
 
ZvonkoSystems architectCommented:
In client you can return False feedback to Continue parameter of the event QueryDocumentunDelete
QueryDocumentunDelete is found in Database Resources
0
 
Bozzie4Commented:
A user in a readers field CANNOT delete the document (unless he's manager/editor with delete rights).   But to be entirely on the safe side, I generally NEVER give the Delete rights to ANYONE (except myself :-) ).
I generally set a flag : a field, DELETED, is set to "1" and all views have as extra selection " & DELETED!="1" " to stop them from showing 'deleted' documents.
Then deleting becomes a question of setting the field value to "1" .  Use a button to do this, and hide the button for everyone except AuthorizedAuthor .  Code is simple :
FIELD DELETED:="1";
@command([Filesave]);
@command([fileclosewindow])

You then make a view to show all these deleted documents (only to managers/admins ), and write an agent to periodically clear the data here.
This also gives you the chance to do 'undelete' s withoug using the 'Soft Delete' feature.  Of course, Editors/Designers/Managers can create agents to set this field value, and delete documents.  But because they still can't really delete, the documents will remain in the database untill purged.

You can optionally also catch the QueryDocumentDelete event to redirect it to setting the field value, only for authorized users.
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
Bozzie4Commented:
Oh, yeah, this also works for the web, so smart guys deleting documents from the web interface will be blocked too (something that setting Continue=false will NOT do)

cheers,

Tom
0
 
ZvonkoSystems architectCommented:
Sorry, wrong answer.
You have not to programm anything.
Give to all those People only Athors acces in the database ACL.
If in a document a user is authorised to be Author, then he can also delete the document.
In a document where he is not an Author he cannot Edit, and therefore he cannot Delete.

0
 
ZvonkoSystems architectCommented:
I mean my first comment.  
Good Morning Tom :-)
0
 
ZvonkoSystems architectCommented:
As a consequeny of ACL Author rights you need NO Readers fields. You need not to maintain those fields. Manage the complette database by Authors ACL rights.
If the Default is NoAcces, then all authors are Readers to any document. To documents where they are authors they are Editors. So you can give them also the Delete checkbox in the ACL.

0
 
Bozzie4Commented:
I suppose the real problem is preventing Editors and higher to delete documents.

And a good morning to you too :-)

Tom
0
 
ZvonkoSystems architectCommented:
Was the Authors Delete prevention the question? I did not understood it in that way. Let us see.

And if you have one or more Readers fields in some Document, and at least one of the Readers field has a Value, then is that Document accessible ONLY, I repeat ONLY, to those users who are either listed in Readers or Autors field values as Person, Group or Role owner. Danger! Even as Manager are those Documents after closing Orphans to you and never accessible again.

0
 
ZvonkoSystems architectCommented:
Ok, in R6 is that danger is not so eminent because the Readers fields restriction was partial released, but in R4 and R5 was that an absolute danger. Sometimes you have a big database and no visible documents in it. That was scary :)
0
 
ZvonkoSystems architectCommented:
Oh, and because I was talking just about Readers field in Documents, the next stage of that story is that Design elements, for example Views do have also Readers access rights. Then you can have strange behaviour looking at the database if you have several Views with the same name but visible only with appropriate Readers access rights even with Dessigner access rights in the ACL.

0
 
Bozzie4Commented:
Well I would never put a Readers field on a document without adding "[Admin]" to it, or without adding an Authors field, that's just plain common sense ...

cheers,

Tom
0
 
kopibeanAuthor Commented:
Tom,

I have use your method -> Use a button to do this, and hide the button for everyone except AuthorizedAuthor .  Code is simple :
FIELD DELETED:="1";
@command([Filesave]);
@command([fileclosewindow])

I do not intend to create a view to show all deleted documents.
When the user is AuthorizedAuthor, he/she can delete this document permanently from this database, prompting user a message "This document will be permanently deleted!"
Thus, how do I configure this button formula?

Pls advise.
Thank you.

0
 
kopibeanAuthor Commented:
Anyone can help me on the above?
Appreciate your help.
Thanks.
0
 
ZvonkoSystems architectCommented:
What access rights in the database ACL do have those users listed in document fields AuthorizedReader and AuthorizedAuthor?
The highest accerss right they should have in the ACL is: Author
Do not give them Editor or higher.

0
 
kopibeanAuthor Commented:
The access rights I give is Author but do I tick on 'Delete documents' under ACL?
If the 'Delete documents' is check, when user is not in AuthorizedAuthor, he should not be allow to delete the documents but in this case, will the document be deleted if 'Delete documents' is check under ACL?

Thus, how do I solve my above problem?
Anyone, Pls kindly advise.
Thank you so much.

0
 
ZvonkoSystems architectCommented:
Authors which are not entitled as authors in some documents have only Read access to those documents.
With Read access they will not be allowed to Delete those documents.

For verification look at ACL dialog. As soon as you give some person Read acces are the checkboxes for Create and Delete documents greyed.

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.