Hi, I have a database (Enforce consistent ACL across replicas is enabled) with one form (i leave the form security options tab by default). I juste add a readers access field on this form.
I create a record with the name of a person in the reader field and make a local replica of the database with this person’s id.
Now i delete the local replication history and in the same time i remove the person from the readers field in the server db. So the person have no access to the document when connecting to the server db. But if you replicate, the document don’t move in the local db. Why ?
Note I haven’t this issue if i don’t clear the replication history…
Subject: clear replication history & readers field
I’m not totally sure I know what or why you are attemping to do what you are are attempting to do- but, if you use readers fields- you must populate the appropriate server names in to that readers field, of they cannot read them. I am guessing that is the issue- and I have no idea why clearing replication history would affect this.Tom
Subject: RE: clear replication history & readers field
Thanks for reply. Don’t worry about server rights, they are manager of the database and have the [ADMIN] role which is in all readers fields.
During the document life, it’s possible to remove access for a person : imagine a workflow db where users only replicate/view documents which are in status “in progress” for example. so you remove reader access from reader fields on the server db with a sheduled agent for example.
When we replicate “normaly” this is ok, the document disapear from this person db !
But if this person have done a “clear replication history”, the document don’t disappear from the local db !
The test is easy to do and i don’t understand…
In addition, administrators say often “clear replication history” if you encountered some problems with the replication of a local database… But in this case this is very dangerous : local and server datas can become different ! User have no access to a server document but view it in local replica if “clear replication history” has been done.
Subject: clear replication history & readers field
Why would you expect it to vanish from the local replica ?
When replicating, the local replica cannot see the server version of the document. There’s no deletion stub in the server for this document, so it’s not going to delete the document in the local copy. As local replica do NOT contain documents that the user cannot read, it’s not going to replicate the modified server document to the local database, because the user is not allowed to read it.
What it does see is there’s a document in the local copy that is not (as far as it knows) in the server copy. What it would try to do is replicate that document back into to the server copy. The server won’t allow that, as it knows there IS a copy in the server, but the user doing the replication does not have access to update it.
The following is my guess as to how the replication history is playing into this scenario. As the replication is taking place, it sees this local document that’s not on the server, but the replication history tells Notes that it saw a server copy in a prior replication. Thus it can conclude that, as it’s “not there” now, and there’s no deletion stub for it, the user’s access must have been revoked. I would presume that it would then remove (not delete) the local database copy of the document.
Subject: RE: clear replication history & readers field
Thanks for reply. Don’t worry about server rights, they are manager of the database and have the [ADMIN] role which is in all readers fields.
During the document life, it’s possible to remove access for a person : imagine a workflow db where users only replicate/view documents which are in status “in progress” for example. so you remove reader access from reader fields on the server db with a sheduled agent for example.
When we replicate “normaly” this is ok, the document disapear from this person db !
But if this person have done a “clear replication history”, the document don’t disappear from the local db !
The test is easy to do and i don’t understand…
In addition, administrators say often “clear replication history” if you encountered some problems with the replication of a local database… But in this case this is very dangerous : local and server datas can become different ! User have no access to a server document but view it in local replica if “clear replication history” has been done.
Subject: RE: clear replication history & readers field
By clearing the replication History, you are removing Notes ability to recognize that a server document that it could see before can no longer be seen by this user.
So all Notes knows is that there’s a document in the local version that’s not on the server. It’s not going to remove that document - it had not reason to.
If you need to remove users access to documents, then don’t clear the replication history. Have users delete and recreate the local replicas instead if they get corrupt.