This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal


~Lorraine Bubweplopynds
Sep 4, 2014, 10:34 AM
11 Posts

Role in Reader field

  • Category: Domino Designer
  • Platform: Windows
  • Release: 9.0
  • Role: Developer
  • Tags:
  • Replies: 4

I am using Role "[Leader]" and it is being added in a Readers Field in order to give this authority to whoever I need him to read all the documents in the view that have this Role in the Readers Field. unfortunately it does not work and whoever has this role can not see those documents with "[Leader]" string in the Readers field.

Please advise

~Vera Elnubergetsi
Sep 4, 2014, 10:55 PM
24 Posts
Some questions
Questions:
1.  Is the field "Computed when composed", Editable, or Computed?
2.  Do you have multiple values listed in the programmer's pane, as allowable readers?  
*if so, the values need to be separated by a colon ( : )
3.  Are the users with this role listed individually in the ACL, or as a member of a group, Or both?
*A user listed individually takes precedence over a group.  So if a user is in a group with Author access WITH role AND listed individually as Author WITHOUT role, the user cannot see the docs because their individual listing wins over the group listing.
4.  Could the role be called "Leaders" instead of [Leader], or some other variation that may be slightly different between the readers field formula and the role name itself?
5.  What steps did you use?  Is it different from the steps I outlined below?  If so, please explain.

My results:  I tested this just now and was able to restrict users with a "[Leader]" role - this set of steps works for me:
a.) configure ACL with the [Leader] role.  Set default access = Reader
b.) Assign 1 group and 2 individually listed users with this role; combination of reader and author access in the ACL with [Leader] role
c.) Create a readers field on a form:  Datatype = Readers;  name of field = docreaders;  Computed when composed;  Formula in the programmer's Pane:  "[Leader]"
d.) Manager-level user with Leader role creates 3 docs.
e.) User without the role logs in and CANNOT view these docs (as expected)
f.) Switch to a user (not doc creator) who has the role assigned, and they CAN see the docs (as expected).
~Fred Asatumiburynds
Sep 5, 2014, 6:33 AM
107 Posts
If the database is a local replica...
...you should ensure that 'Enforce a consistent ACL...' is enabled on the ACL's 'Advanced' tab. Otherwise roles won't work in Readers fields.
~Lorraine Bubweplopynds
Sep 5, 2014, 8:22 AM
11 Posts
Role in Reader field

Hi Amy and Jochen Thank you so much for your quick reply

Following is my answers are in BLUE

1.  Is the field "Computed when composed", Editable, or Computed? 

Field is computed

2.  Do you have multiple values listed in the programmer's pane, as allowable readers?   
*if so, the values need to be separated by a colon ( : ) 

Yes and they are listed like this in the Field "[Admin]":"[Reader]"

3.  Are the users with this role listed individually in the ACL, or as a member of a group, Or both? 
*A user listed individually takes precedence over a group.  So if a user is in a group with Author access WITH role AND listed individually as Author WITHOUT role, the user cannot see the docs because their individual listing wins over the group listing. 

They are listed individually 

4.  Could the role be called "Leaders" instead of [Leader], or some other variation that may be slightly different between the readers field formula and the role name itself? 

Yes

5.  What steps did you use?  Is it different from the steps I outlined below?  If so, please explain. 

Database is already in use and has thousands of documents. There are 4 Fields:

2 Readers Type Fields as follows:

1) Field name is = Readers (Editable, contains individual names)

2) Field name is = HiddenSec_1 (Computed, contains "[Admin]":"[Reader]")

2 Authors Type Fields as follows:

1) Field name is = Authors (Editable, contains individual names)

2) Field name is = HiddenSec (Computed, contains "[Admin]":"[Author]")

ACL Default is NO ACCESS

'Enforce a consistent ACL...' is enabled on the ACL's 'Advanced' tab

Yes and it is being used from the Local replica

Recently I added a new user to the database who should see all the documents. I gave him the Role "[Admin]" in order to see all the documents and also created a new Role called "[Leader]" since "[Leader]" Role is not yet added to the documents I thought he should see all the documents because "[Admin]" is already there.

~Vera Elnubergetsi
Sep 5, 2014, 9:32 PM
24 Posts
Something else to try
All of that sounds correct.

The only other thing I can think of at this time:  If the user had the db open and did not see the docs, have them restart the Notes client completely.  

Security info gets cached for that session, and a restart is the only way to refresh that.

This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal