Managing Access to Views
Access to views can be managed based on the person, access group, or by role. Although you can explicitly include or exclude access based on individual persons, by far the most effective management approach is through the use of groups and roles.
Using this approach, you can manage the visibility of the view. This is accomplished by modifying the view design to establish which roles can access the view. Then anyone assigned the role can access the view with no additional modifications required to the design, whereas managing access at the view level for individuals will require changes to the design should you need to change access to the view.
Warning
Be aware that if you restrict access to a view from the Designer client, the view will only copy to the new database if you have that role assigned to you. To ensure that all design elements and documents are copied, make sure you have all created roles assigned to you.
As previously outlined in this chapter, roles are created in the ACL. After a role has been created, it can be assigned to a person or group of users. The following illustrates how to restrict access to a view based on a role. This process can be used to control access based on the person, role, or group.
Note
Remember to update the group stored in the Domino Directory with the user names or update the role assignments in the ACL to manage access to the view. In other words, if access to the view has been restricted based on a particular role, but no one has been assigned the role in the ACL, then the view will be hidden from everyone. Similarly, if visibility has been restricted based on a group, but the user has not been included in the group, they will not be able to see the view in the database.
Категории |