I have recently been experiencing a problem which suggests that Notes is inconsistent in resolving ACL roles. Problem was first noticed when users in a group with [Global Admin] role could not see a button that sould only be hidden from users without that role. When I did some testing on the server to check Role resolution, I found the following. Using the Effective Access button in the ACL dialog I was correctly reported as having Manager access and [Global Admin] role via the group. However the @UserRoles function returned nothing. Using LotusScript NotesDatabase.QueryAccessRoles method correctly returned [Global Admin]. Final piece of confusing evidence is that a form in the database which only users with [Global Admin] roles can use to create documents also works correctly. When I assign the role to the group I can create a new document, when I remove the role I get not authorised message. Anyone seen this before or have any suggestions why I am seeing the inconsistent behaviour. Could it be corruption of the group document in the Public Address Book or lookup views? But why does LS work and @function fail. I am very confused.
Subject: Roles resolution inconsistent
I have the same sort of problem, @userroles stopped working for one user on Friday pm - although it was working before hand:
I investigated further:
Effective access button in ACL shows user is in a number of roles but the @userroles returns nothing. (agents & computed for display field, various hide when formula).
I found that if I created a local replica of the dbase it does work (if the enforce a consistent ACL is ticked).
I created another replica on a second server but still had same issue. (also same with a new copy).
After testing with this user’s ID on my machine I found that the @userRoles command has started to fail for me as well!
So I created a new dbase on our development server - new agent with @prompt ([OKCANCELLIST]; “”;“”;“”;@USERROLES);
I added a role [TEST] and ticked this for two users who are explicitly named in the ACL (my ID and a test id).
The agent works for the test id and not mine.
Anybody got any idea’s ?