User with Reader access deleted hundreds of documents

Hi,

I have just discovered that one of our users deleted hundreds of documents in one of our dbs, for which he is only a reader, a week ago.

I have checked the Public name & address for its rights, which was confirmed in the ACL by looking at his actual rights:

  • reader
  • read public documents
  • write public documents
  • replicate/copy documents

He has an 8.5 Notes client and the server is 8.5.1 FP3.

I will confirm tomorrow but he is probably working on a Local replica of that db.

I am pretty sure that no changes have been done on this server these last days (rights, …)…

Any idea welcome.

Jean-Pierre Bloch

Subject: Re: Reader deletes documents

How do you know the documents were deleted, and by whom? Did you look at the user history, or what? Could these have been public documents, which the user has access to modify?

Could they have merely been modified to not appear in your views, rather than deleted?

Local vs. server replica makes no difference (except insofar as the user can certainly manage to delete documents from their local replica – but the server will not let them replicate these deletions up if they aren’t authorized).

Subject: Let’s be more specific…

Hi Andre

It’s been a long time since I was last on this forum.

Happy to see you are still around!!

You pushed me with your series of questions and probably this led me not too far from the answer.

As a matter of fact, this application is an agenda for our organisation.

The template used to create it was Mailxx.ntf.

The point is:

  • to show general interest events (such as conferences, exhibitions, …)
  • to organise meetings

And you are right, these are all public documents!!

Although the db is supposed to be centrally managed, users seem to be allowed to delete these meeting documents.

Is there anything I can do in the future to disable this?

Should I disable “Write public documents”?

Thanks again.

Jean-Pierre

Subject: Re: Should I disable “Write public documents”?

Probably. Or maybe a design change would be better so that they are not public documents.

It depends what else you need these users to be able to do.
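
An added example, not part of any post in this thread: a LotusScript agent that reports which ACL entries at Reader level or below hold "Write public documents", and how many documents in the database are public. It assumes it runs as an agent inside the database being audited and that public documents are the ones carrying a $PublicAccess item equal to "1"; it only reads the ACL and changes nothing.

```lotusscript
Option Public
Option Declare

Sub Initialize
	Dim session As New NotesSession
	Dim db As NotesDatabase
	Dim acl As NotesACL
	Dim entry As NotesACLEntry
	Dim publicDocs As NotesDocumentCollection
	Dim flagged As Integer

	Set db = session.CurrentDatabase
	Set acl = db.ACL

	' Assumption: public documents are those with $PublicAccess = "1".
	' These are the documents a "Write public documents" holder can touch.
	Set publicDocs = db.Search({$PublicAccess = "1"}, Nothing, 0)
	Print "Public documents in " & db.Title & ": " & CStr(publicDocs.Count)

	' Walk every ACL entry and flag No Access, Depositor and Reader
	' entries that still have the public writer privilege enabled.
	Set entry = acl.GetFirstEntry
	While Not (entry Is Nothing)
		If entry.Level <= ACLLEVEL_READER And entry.IsPublicWriter Then
			flagged = flagged + 1
			Print "Review: " & entry.Name & " (level " & CStr(entry.Level) & _
			") has Write public documents"
		End If
		Set entry = acl.GetNextEntry(entry)
	Wend

	Print CStr(flagged) & " ACL entries at Reader or below can write public documents"
End Sub
```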