How to limit access to selected document to certain users based on fields on forms?

I have a form and on the form, there are 2 fields, AuthorizedReader(read document only) and AuthorizedAuthor(read and edit and delete document only)
AuthorizedReader is an editable readers field which use address dialog for choices.
AuthorizedAuthor is an editable authors field which use address dialong for choices.

When user A create this form, he can specify who to read and who to edit the document.
Thus, user A can key in B/ABC_Corp,C/ABC_Corp,E/ABC_Corp and select another address book to enter the group like Sales Staff in AuthorizedReader field.
In AuthorizedAuthor field, user A can key in F/ABC_Corp and select another address book to enter group like All Manager.

How do I make sure user B/ABC_Corp,C/ABC_Corp,E/ABC_Corp and users in group Sales Staff listed in AuthorizedReader field are able to read the document only and user F/ABC_Corp  and users in group All Manager in AuthorizedAuthor are able to read and edit and delete the document?

Pls advise.
Thank you.
kopibeanAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
HemanthaKumarConnect With a Mentor Commented:
Give the users in author field author access in the db acl and similarly readers field users as readers in the db acl. This is the way you leverage their access level.


~Hemanth
0
 
Bozzie4Commented:
I don't quite understand your question.  You appear to ask the same thing over and over again !

If you want to make sure everything works as intended, create the documents, and then log on as 1 of the users (for instance, don't allow A/ABC any access,  B/ABC in Readers field and C/ABC in Authors field.  Log on as A, B and C and see that everything works fine.)

Names entered in any of these fields should be in a hierarchical format (eg. cn=name/o=org or name/org), except for groups (eg. localdomainadmins) and obviously roles (eg. [Admin])  If you enter usernames in a flat format (eg. Name), then they won't have access !

cheers,

Tom
0
 
qwaleteeConnect With a Mentor Commented:
1) The "select another address book" sounds like a problem.  Domino only usesthe primary address book for authorization, so groups in another address book effectively don't exist for reader/author purposes

2) Aside from that, all you need is to have all the users (whether explicitly listed or part of a VALID group) listed as author, in the ACL, either individually or as group members.  That's it.  FYI, the group names listed in teh fields do NOT have to match group names in the ACL.  The group names are shortcuts for listing the individual group members, so adding a group to a readers field or ACL means it is as if all the group members are individually listed.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.