Permit Edit document LS with ACL

HCL Domino Domino Forum
1

Hi there,

I’m creating an script that should permit user edition on a document.

The problem is there are a flow to follow and some restrictions to follow too.

When a document is created all users should edit and make actions on it, in this first stage, the document’s name is “Prospect”.

But when the document goes to the next flow, only the manager and the doc’s author must edit and make actions, the other users only can read the document. The document’s name changes to “Active” or “Oportunity”, depending the result of the action on the previous stage.

I started the script but couldn’t find a solution.

Can you help me to solve this pluzze??

Thanks in advance…

Here is the code on the Prospect doc’s QueryModeChange.

Sub Querymodechange(Source As Notesuidocument, Continue As Variant)

Dim Workspace As New NotesUIWorkspace

Dim Ns As New NotesSession     

Dim uiDoc As NotesUIDocument     

Dim Doc As NotesDocument

Dim DB As NotesDatabase

Dim item As notesitem

Dim user$

Dim rejeitado As String

Dim ACLLEVEL_MANAGER As Integer

Dim Author As String



Set DB = NS.CurrentDataBase

Set uiDoc = Workspace.CurrentDocument

Set Doc = uiDoc.Document



formulario = uidoc.FieldGetText("formulario")



If formulario <> "Active" And formulario <> "Oportunity" Then

	continue = True

	

If ( DB.CurrentAccessLevel = 6  Or  db.CurrentAccessLevel > 1) Then

	continue = True

End If

End Sub

2

Subject: I tried something like this

Karl,

I will try this. I got the meaning and your code is so closer that I want to do. Thanks for your help.

Maria,

Thanks as well , your code seems to help me also. If Karl’s code doesn’t help me I’ll try yours.

3

Subject: Typo in code?

First of all, you can’t use the ACL for it to work the way you describe. If you give a user (or group) editor access to the database, they will have that access.You could use author fields, but that will probably not work either in this case.

Your solution using QueryModeChange is what I would do as well, but you should modify the code to exit the sub with continue set to false in order to prevent the document from being edited. I don’t see anywhere in your code where you set continue to False to prevent switching into edit mode… Unless there is a typo somewhere.

I would use user roles to control who can edit the document after the status changes from the inital “Prospect”.

I am guessing that you, when you say ‘The document’s name changes to “Active” or “Oportunity”’, you actually mean that you are changing a status field. I try to avoid actually changing the form name, and I always use a status field instead…

My code would look something like this:

Sub Querymodechange(Source As Notesuidocument, Continue As Variant)

Dim workspace As New NotesUIWorkspace

Dim uidoc As NotesUIDocument

Dim session As New NotesSession

Dim db As NotesDatabase

Dim doc As NotesDocument

Dim acl As NotesACL

Dim entry As NotesACLEntry

Dim item As notesitem

Dim status As String

Set db = session.CurrentDataBase

Set uidoc = workspace.CurrentDocument

Set doc = uidoc.Document

status = uidoc.FieldGetText(“Status”)

'*** If in “Prospect” status, allow edit

If status = “Prospect” Then

continue = True

Exit Sub

'*** Check if user is same as creator, then allow edit

If doc.Creator = session.UserName Then

continue = True

Exit Sub

'*** Check if user is manager, then allow edit

Set acl = db.ACL

Set entry = acl.GetEntry(session.Current)

If Instr(Join(entry.Roles,“;”),“[Manager]”)>0 Then

continue = True

Exit Sub

End If

'*** Otherwise prevent editing

continue = False

End Sub

I haven’t tested the code, but I believe it should work.

4

Subject: readers and authors

A combination of reader and author fields should do the trick. (You don’t want to change the ACL, as that changes access to the whole database!)

dim usersitem as notesitem

set usersitem = doc.replaceitemvalue(“ManagerCanEdit”, managersname)

readeritem.is authors = true

set usersitem = doc.replaceitemvalue(“CreatorCanEdit”, creatorsname)

readeritem.isauthors = true

set usersitem = doc.replaceitemvalue(“AllCanView”, AllUsersGroup)

readeritem.isreaders = true

call doc.save(true,false)