HOW TO Restrict access to documents

Eric BREHAULT edited this page Sep 21, 2016 · 1 revision

How to allow or not to open a document depending on the current user.

IMPORTANT NOTE: the following mechanism is not a security mechanism, it does not really restrict access to the document information, it just avoid accessing the document with a given form (so it means it might be accessed with another form or accessible in a view, etc.). To restrict access to the document itself, you need to use the Plomino_Readers field.

Let's assume your form contains a Name field and you want to restrict access to documents according this field value.

This field would be named "employee" for instance

Note: if you want it to store the id of the user who creates the document just make it Computed on creation, with the following formula:

plominoDocument.getCurrentUser().getMemberId()

To restrict access to the document, we will use the onOpenDocument event: if this event formula returns anything false (False, None, 0, ""), the document opening is allowed, but if it returns a non-empty string, the opening is not allowed and the returned string is display to the user as error message.

So edit your form, and go to Events tab, and enter a formula like this in the On open document event:

if plominoDocument.getCurrentUser().getMemberId()==plominoDocument.employee:
  return None
else:
  return "You are not allowed to view this document." 

If you also want to allow users having a given role (let's say [controller]), you would use a formula like this:

if plominoDocument.getCurrentUser().getMemberId()==plominoDocument.employee:
  return None
roles=plominoDocument.getCurrentUserRoles()
if "[controller]" in roles:
  return None
return "You are not allowed to view this document."
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.