| Back | Main view
IMiS/ARChive user can view the attribute value despite being denied the right to view (Deny Read)
| Product: | IMiS/Client |
| Release: | 9.8.1710 |
| Date: | 12/11/2017 |
Case:
An archive user can view the custom attribute value despite the "Deny read" attribute setting in the IMiS/ARChive Server configuration.
Description:
In the archive’s configuration define a new “Public custom attribute”.
Connect it to the template and define its properties. Set the attribute property to public (Public=True).
Specify for it to be used in documents contained under folders.
In the archive create a document under a folder (Filed document). Define the values of attributes.
In the archive’s configuration specify that the user Ron Salazar does not have the right to view the values of the “Public custom attribute”.
In the archive open the entity type “Filed document”. Check the rights to view the values of the “Public custom attribute”. You see that the user has an effective right despite being denied the right to view.
The reason for that is that the attribute has been defined as public. Because attribute properties prevail over rights to entities and their properties, in our case the user keeps the effective right to view the values of the “Public custom attribute”.
As an example, change the setting of the properties of the “Public custom attribute” in the archive’s configuration, so it is not public (Public = False).
The user no longer has an effective right to view the values of the “Public custom attribute”.
Due to the denied right to read (Deny Read) and the setting of the properties of the “Public custom attribute” so it is not public (Public = False), the user cannot view the attribute value.
Related Documents:
| Back | Main view