Hi,
I had a problem with a Domino application made by a newbie and I was trying to figure out why some URLs were working properly where an ‘Entry not found in index’ error was the logical answer. The URL is:
http://server/database.nsf/viewname/UNID_of_a_document
My question is, why am I able to open any document of a database from its UNID even if the specified view doesn’t contain it? I can use any view of the database and still open the document. In my mind, only the view ‘0’ should be able to access all documents. Is this a bug, a feature or a bug that is now a feature for backward compatibility? So, if I can get the UNID of a document, I’m able to open it from any view of the database even if I lock the view ‘0’.
I just want to be sure that this weird behavior is ‘normal’, even if I think it’s a bug because it may change how the security is implemented in a web application.
Thanks,
Carl
Subject: The real question appears to be access…
In that case the access controls on the document should prevent it from opening regardless of how it was opened. The reality is that View membership should not be determining access control, the document itself should. If the user has the ability to open the document it should open. The Views only serve to present accessible documents in various manners to simplify location; even if the system itself is doing the location on behalf of the user, access controls should and do apply.
Having said that, it does seem a tad counter-intuitive (to me, for what that’s worth) to be able to give the UNID for a document to literally any View in the system and it opens. That’s what View 0 is for, a quick way for the application to locate documents by UNID without having to build a View for that common operation. Applying this shortcut to any View doesn’t make the most sense; if an app breaks because a developer used a UNID against a generic View, then poo-poo that developer for not using View 0 like they should have. Best practices and all that jazz.
Having said that, in the Grand Scheme Of Things To Fix, this strikes me as making non-issues seem important.
Hope this helps…
Subject: I agree… but I still think it’s a bug…
I agree with all of you. This is not a security problem since the real security must be built on the ACL and the documents access fields. And yes, as I said earlier, this, let’s say, weird behavior, cannot be corrected since many old applications may access documents this way instead of using the /0/ view.
So, I still think that this is a bug that cannot be resolved. It’s like calling a URL like myserv.com with success, when you know that the ‘file.html’ is located in another folder. Like Andre says, if there’s only one ‘file.html’ on the server, why not open it! I don’t think that’s the way a server should work.
Topic closed! There are many more important bugs in Lotus Notes that IBM must work on before dealing with this little ‘problem’, like an editor that doesn’t eat code lines… ;).
Have a nice day guys! 
Subject: answer: why not?
It’s possible to identify which document you want to open; why not open it? I think links should continue to work whenever possible, if there’s any way we can determine a reasonable place to steer them to.
The view UNID is used for any view-related stuff that happens on opening the document, such as form formulas and the @ViewTitle function used within the form.
It would certainly be possible to check that the document is in the view before opening it, but it would make the document take longer to open and wouldn’t be advantageous. E.g. maybe the document was in the view at one time, but since the view was displayed on their browser (and the link generated), the document status has changed and the view no longer contains the document. You want the user to see an error message when they click that link? What if the document was bookmarked in the browser? You want to break the user’s bookmark without giving them any clue what the corrected link should be?
Subject: This could be a useful ‘feature’…
Andre
I currently have a large database that includes 2 views for accessing a particular class of document - one for opening the documents - and one, with a form formula, for opening a ‘printer friendly’ version of the same documents. Currently, the ‘print’ view contains all of the documents that the other view holds - and Domino has to maintain this large view index just to support this print functionality.
Now, you are saying that Domino will allow us to access any document by its UNID via any view; and that the form formula of the view referenced in the URL will be respected. So I could change the selection formula for the ‘print’ view to say “SELECT @False”, without impacting the current functionality - and maintaining the view index would be much easier for the server.
Can you confirm that this behaviour is here to stay - and is not going to change in a subsequent release to the way Carl expected it to work?
Thanks
Tim
Subject: I don’t think I’m in a position to promise
But you have to consider how many existing applications something would break if it changed, or how many other sudden problems it would cause, and think whether we would cause ourselves that kind of trouble on purpose.
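
Added example, not part of the thread or any poster's code: since the replies agree that view membership does not restrict which documents open, a developer can list which named views their web application's URLs use to open documents by UNID, then confirm those documents are protected by the ACL and document access fields rather than by view selection. The request paths are constructed samples and the function names are hypothetical; a 32-hex-digit last segment is treated as a UNID.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, unquote

# Constructed sample request paths (not from the thread); in practice these
# would be taken from the web server's access log for the application.
SAMPLE_REQUESTS = [
    "/sales.nsf/0/8A3F0C1D2B4E5F60718293A4B5C6D7E8?OpenDocument",
    "/sales.nsf/ByCustomer/8A3F0C1D2B4E5F60718293A4B5C6D7E8?OpenDocument",
    "/sales.nsf/Print/8A3F0C1D2B4E5F60718293A4B5C6D7E8",
    "/sales.nsf/ByCustomer/ACME%20Corp?OpenDocument",  # last segment is not a UNID
    "/sales.nsf/ByCustomer?OpenView",                  # view request, no document
    "/hr/staff.nsf/Public/00112233445566778899AABBCCDDEEFF?EditDocument",
]

# /path/to/database.nsf/viewname/document, the URL shape from the first post.
DOC_URL_RE = re.compile(r"^/(.+?\.nsf)/([^/]+)/([^/]+)$", re.IGNORECASE)
UNID_RE = re.compile(r"^[0-9A-Fa-f]{32}$")


def classify(request_path):
    """Return (database, view, unid) if the request opens a document by UNID, else None."""
    path = unquote(urlsplit(request_path).path)  # drop ?OpenDocument etc.
    match = DOC_URL_RE.match(path)
    if not match:
        return None
    database, view, document = match.groups()
    if not UNID_RE.match(document):
        return None
    return database.lower(), view, document.upper()


def unid_opens_by_view(requests):
    """Count document-by-UNID requests per (database, view), skipping view 0."""
    counts = Counter()
    for request_path in requests:
        hit = classify(request_path)
        if hit and hit[1] != "0":
            counts[(hit[0], hit[1])] += 1
    return counts


if __name__ == "__main__":
    for (database, view), n in sorted(unid_opens_by_view(SAMPLE_REQUESTS).items()):
        print(f"{database}: view '{view}' used for {n} UNID open(s)")
```

Each (database, view) pair reported is a place where the view's selection formula plays no part in whether the document opens, so access to those documents has to be enforced on the documents themselves.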