Implementing View-Level Security

Using a read access list is a way in which view access can be restricted. This can be considered security, however, only if the user who cannot access the view is also restricted from creating views of her own. Keep in mind that any user with design capabilities and the ability to create a view in your database can mimic any view that you restrict.

The read access list is contained in the Security tab of the View properties, as shown in Figure 23.17. The Security tab is represented by a key in all design elements that contain security.

Figure 23.17. The read access list for a view can be used to restrict access to data.

To restrict access to the view, uncheck the All Readers and Above check box, and check the individual and group names in the name list for those names that should have access to the view. The entries that appear in the list are all the entries in the ACL, including any roles you've defined. You can also select individual names from the Domino Directory by clicking on the person icon next to the names list. Remember, this is a security refinement and does not override the ACL.

Notice the check box for Available to Public Access Users in Figure 23.17. Checking this box is all that's required to make a view available to public access users.

Категории