I have code in an event on a button in an XPage and it errors out because the user does not have rights to create a document in the database.
It seems that all XPage code runs with the current user’s rights.
Any way to run code using the signer’s rights instead?
Subject: Right now there isn’t and it’s currently working as designed.
Subject: Critical question then…
Paul,
Thanks for the response. Every single Domino application I have written since 1998 has relied on the fact that code (agents) can be run after the user submits a page and that code runs with the rights of the signer.
That way documents can be updated and other databases can be accessed even if the current Web user does not have rights to those resources. That functionality is critically essential to any moderately complex application.
How do we accomplish the same functionality using an XPage?
Subject: I agree
This is currently missing functionality. We’re looking at a solution and will try to make it in the next release. But no promises so far…
Subject: Well I will try to make lemonade then…
Phillipe,
First, I appreciate your response. Really.
I do not know which is worse right now: my anger at this situation or my amazement that it even exists. To know that IBM released XPages without supporting the existing security model/functionality already in Domino ranks right up there with Garnet to me.
Time for making lemonade from lemons…since it appears it is not settled yet, let me tell you how I think this should work.
Every single programmable element needs to have the option to run as the signer of the XPage.
They should all default to running with the Web user’s rights but there should be a property (computed of course) that can be set so that the code in that element can run with signer’s access.
If that is not possible then perhaps separate events where the code runs as the signer. For instance, on a button in addition to the Client and Server tabs for code, add a Signer Client and Signer Server tab for code.
If that is not possible then perhaps an added event on an XPage similar to the WebQuerySave/Open events we have today where you can either run code or specify an agent to run and that agent would run using the same security model we have today.
The bottom line is you cannot develop a secure Domino application without this functionality.
If you cannot use Domino security then the harsh reality is you might as well use something else to develop your web application.
Subject: Agents can still run with different user rights
Hi,
If you trigger an agent from your XPage, it can still run with different user rights, exactly the same way as in previous versions.
In your XPage you even have a lot of new events which you can use to trigger your agents (postNewDocument, postOpenDocument, postSaveDocument, computeDocument …)
Code example here: http://www-10.lotus.com/ldd/nd85forum.nsf/DateAllThreadedWeb/f810e447550ac5e7852575ac00310065?OpenDocument
Maybe this helps.
Hynek
Subject: It helps in some cases as you suggest…
But not all.
Fully enabling this functionality as I suggested within the XPage would be totally awesome.
Subject: Doesn’t this cause double-writes, and loss of error encapsulation?
Don’t you need to save the doc(s) first, and then run the agent? Which would also need to save the doc(s) again? This seems like needless I/O.
And also, wouldn’t agent errors not bubble up to the XPage to be handled? Talk about a logic-trap nightmare…
Subject: You are right …
Hi,
Yes, you are right on both points.
But nevertheless it should help you at least in some cases.
Hynek
Subject: Thanks for the response, Hynek. Hopefully this will get tackled in a future release.