HOW TO Restrict access to documents
Clone this wiki locally
How to allow or not to open a document depending on the current user.
IMPORTANT NOTE: the following mechanism is not a security mechanism, it does not really restrict access to the document information, it just avoid accessing the document with a given form (so it means it might be accessed with another form or accessible in a view, etc.). To restrict access to the document itself, you need to use the Plomino_Readers field.
Let's assume your form contains a Name field and you want to restrict access to documents according this field value.
This field would be named "employee" for instance
Note: if you want it to store the id of the user who creates the document just make it Computed on creation, with the following formula:
To restrict access to the document, we will use the onOpenDocument event: if this event formula returns anything false (False, None, 0, ""), the document opening is allowed, but if it returns a non-empty string, the opening is not allowed and the returned string is display to the user as error message.
So edit your form, and go to Events tab, and enter a formula like this in the On open document event:
if plominoDocument.getCurrentUser().getMemberId()==plominoDocument.employee: return None else: return "You are not allowed to view this document."
If you also want to allow users having a given role (let's say [controller]), you would use a formula like this:
if plominoDocument.getCurrentUser().getMemberId()==plominoDocument.employee: return None roles=plominoDocument.getCurrentUserRoles() if "[controller]" in roles: return None return "You are not allowed to view this document."