HOW TO Restrict access to documents

Eric BREHAULT edited this page Sep 21, 2016 · 1 revision

How to allow or not to open a document depending on the current user.

IMPORTANT NOTE: the following mechanism is not a security mechanism, it does not really restrict access to the document information, it just avoid accessing the document with a given form (so it means it might be accessed with another form or accessible in a view, etc.). To restrict access to the document itself, you need to use the Plomino_Readers field.

Let's assume your form contains a Name field and you want to restrict access to documents according this field value.

This field would be named "employee" for instance

Note: if you want it to store the id of the user who creates the document just make it Computed on creation, with the following formula:

plominoDocument.getCurrentUser().getMemberId()

To restrict access to the document, we will use the onOpenDocument event: if this event formula returns anything false (False, None, 0, ""), the document opening is allowed, but if it returns a non-empty string, the opening is not allowed and the returned string is display to the user as error message.

So edit your form, and go to Events tab, and enter a formula like this in the On open document event:

if plominoDocument.getCurrentUser().getMemberId()==plominoDocument.employee:
  return None
else:
  return "You are not allowed to view this document." 

If you also want to allow users having a given role (let's say [controller]), you would use a formula like this:

if plominoDocument.getCurrentUser().getMemberId()==plominoDocument.employee:
  return None
roles=plominoDocument.getCurrentUserRoles()
if "[controller]" in roles:
  return None
return "You are not allowed to view this document."