Solved

Reader Access

Posted on 2006-07-13
12
346 Views
Last Modified: 2013-12-18
Have a form that I am using author fields to allow read access to only the user who submitted a request. I have been asked to open that a little. I have requests which will be coming in from multiple users within the same office. I would like to change the design so any user who is within an office can see all the requests placed for that office. I capture the office ID in a field and it is standardized format. How can I add a reader or author field to allow all users in office say 123 to see all these requests placed with 123 in that Office id field, not just there own.
0
Comment
Question by:jforget1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
12 Comments
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 17101806
Contradiction in terms: Author fields are not to be used to restrict read access, that's what Reader fields are for.

Use roles for this purpose: give a group a role, and create an additional (internally generated) Reader-field with the value "[Role]"
0
 

Author Comment

by:jforget1
ID: 17103219
I thought reader was the way to go, did not want to assume, but is there a way to link to the value in the office field? It is not viable to do it by roles. Lets say I have user A and they enter a record for office 123, I have user B and they enter a record for office 123. Right now user A and B can only see the records they entered because they are the author. Can I do a reader field that ties to the value 123 in the office field so user A can see User B's requests and vice versa, but not the requests for other offices.  
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 17103362
About the roles, it's rather easy:
- add a Readers-field OfficeReaders, computed, formula "[" + Office + "]"
- in the ACL, create groups of users per office
- assign each group the role of the appropriate office
- I hope there are no more than 72 offices... that's the max number of roles allowed
- you can do the same with group-names instead of roles, with Group/OU/ACME

Since Readers-fields need to be stored in the document before they can function, you need an agent to update existing documents.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:jforget1
ID: 17105419
The problem is there are well over 100 offices involved and we do not know up front who will be the users for each office.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 17106279
> The problem is there are well over 100 offices involved ...
Ah. Now you're in trouble, can't do that with roles, only with groups.

> ...and we do not know up front who will be the users for each office.
That's a disaster! If you don't know what office a user works for, how should your application know??

Does each office have its own server? You could restrict replication, but that would be a last resort solution to me.
0
 

Author Comment

by:jforget1
ID: 17107341
I agree I have been telling the people I work for that this is n ot possible. I was just hoping that there may be some way to tie into the office ID field and if there some way to tie into the commonality.
0
 
LVL 46

Accepted Solution

by:
Sjef Bosman earned 250 total points
ID: 17107434
Of course you can do funny thing in the QueryOpen of a form. This would only result in a document that cannot be opened, but they can still see it and, if the design isn't hidden, they can still inspect the fields using the Document Properties.

So:
- Reader field is okay
- do things properly
- either role or group in the Reader field
- give users a role (ACL), or place them in groups (NAB)

But as I've been the only one answering your question, you could wait a little, to see whether my colleagues have other opinions...
0
 

Author Comment

by:jforget1
ID: 17107486
Appreciate the help, I may give this a lil time to see if maybe someone has some quirky work around.
0
 
LVL 8

Assisted Solution

by:behenderson
behenderson earned 250 total points
ID: 17114815
You can create a view and an agent so that you can update the documents with new users who list a specific office in one of the documents so that anyone who has created a document with a specific office listed will be able to see all other documents that have that office listed... That is not very secure though since anyone can create a document listing any office as their own... It is great for local replicas though.   (they end up small and replication is fast)

This is not a simple solution and would involve creating some rather extensive scripts new forms and new views.   I would create a document called and Office Definition document and have that document be public and create a view that lists those office documents alphabetically .  Each Office definition document must have a field (or fields depending on the number of users per office) that will store the names of the individuals in that office in it.  Your other private forms must have a querysave script that looks up the office document in the view and then adds the user to the members field if they are not already there and then adds the people listed in the members field to a readers field in that document.  

Remember that if you use back end scripts to add the users to a readers field that you need to set the isReaders flag in the notesitem in order for it to be a readers field.  Remember also that their MUST be a readers field that lists admins and your servergroup members so that their are not lost documents.

The second part of this is adding an agent that updates documents with the new people who are listed in the office definition documents to all outstanding documents for that office.. so when you put a new documetn in the database that lists a specific office you will be able to see your other office memebrs documents only after the update agent has run.

Number 1 most important thing to remember with readers fields is that they are subtractive and it does not matter if you are the admin of the database if there is a document with a readers field and you are not listed you will not be able to see the document so you will not be able to have agents that will fix the document or anything like that
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 17114949
Wouldn't an Office Definition then be the functional equivalent of a Group in the NAB? Maybe I don't understand where your proposed solution really differs from Groups.

You can also create a categorized view, first column is the office, and create a Page with that view embedded on it, with show single category. In that way, the documents for one office only can be shown. Note that this has nothing to do with security...
0
 

Author Comment

by:jforget1
ID: 17167009
I think the problem here is that we have this database setup to be open and not require a lot of maintenance of the ACL. THat will limit the ability to capture the info needed above without making it very cumbersome, but I appreciate the help.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 17173767
I appreciate the appreciation :)
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For beginners of Lotus Notes user this is important to know about the types of files and their location supported by IBM Notes. Mostly users are unaware about how many file types are created and what their usages are. This Article is fully dedicated…
Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens.   Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question