I haven’t ever done encryption before, but I think I’ve done my due diligence here by flipping through some of the redbooks at the link in Dave Kern’s posts (and I’ve done some searching here to even come up with that name), and I’ve read through the Developer Help. But I haven’t found anything that specifically addresses my questions.
I am developing a basic HR database. On the employee profile I would like to include a SSN field, and I would like it to be encrypted so that only certain people can view and edit that field. However I would like other people to be able to edit other fields. On the face of it, this seems not to be possible. An ID that does not have the key was unable to place the document in edit mode.
So my first question is, am I doing something wrong, or is this not possible?
Assuming that is not possible, I went ahead and created a parallel document to store all the encrypted info. I am calling a function on PostSave that copies any “encrypted” fields to this Secret document, removes the fields from the Employee document, encrypts the Secret document, and then saves both. This is failing when I call the docSecret.Encrypt function by saying that the document does not specify any fields to be encrypted. The Secret form does specify an encrypted field (and the form specifies the key), but maybe the back end document doesn’t know the field needs to be encrypted.
So my second question is, how do I specify this and more importantly, is there a better way I could be doing this? This really seems like a pain to do something that seems like it should be pretty common.
Thanks in advance for any help.