Hi there!I have a problem with my application on the web.
I have a form and at some point, people with reader access level are asked to for their password and login and get an error 401 when they try to put the doc in edit mode.
There is also an agent that the user can run…this agent does some modifications on the doc and reopens the doc in edit mode.
When the user runs the agent(with reader level),he gets the error 401 but the doc is modified!
The same person with editor level has no problem…
This is rather weird since when I give that person Editor acces, “Create Shared folders/views” is unchecked…such that the options checked are the same whether he is Author/Editor.
And I have checked ‘Security options’ for all the fields on that form and they are all set to ‘None’
Does anybody have an idea on what is causing this and possible solutions please?
Author or editor access works exactly the same for browser users as for client users. Your comment on “create shared folders/views is unchecked” implies to me, that your concept of access privileges might lack some of the details.
Here’s a quick roundup. Users are able to open a form in “edit mode” (url command ?OpenForm), if
they have editor (or higher) access to the database
they have author access to the database and there is an authors field on the form containing the user’s name, one of his roles or one of the groups he’s member of
they have the privilege to read and write public documents (regardless of access level) and the form property “available to public access users” is set
Access level is not just a culmination of the additional privileges you assign to the user. Editor and Author are different things.
To open an existing document in “edit mode”, the first two points still apply, but not the third. If user’s access level is reader or below, there must exist an item called $PublicAccess set to “1” in the document.
Agents are a different story. By default, an agent called from the web runs under the authority of the person who last signed it. Unless you checked the run as web user box or provided a run on behalf of name.
As you don’t give any more details on how your forms and agents are coded and how they are called, that’s really all I can say.
When extending the application in the future, remember that other resources you might add (like subforms or views that are accessed by Lookups) need to be available to public access users as well, if the user does not have read access to them.
One nasty bit here are shared fields, that do not have a GUI widget to set them to public access.