Managing Access to Views

Access to views can be managed based on the person, access group, or by role. Although you can explicitly include or exclude access based on individual persons, by far the most effective management approach is through the use of groups and roles.

Using this approach, you can manage the visibility of the view. This is accomplished by modifying the view design to establish which roles can access the view. Then anyone assigned the role can access the view with no additional modifications required to the design, whereas managing access at the view level for individuals will require changes to the design should you need to change access to the view.

Warning

Be aware that if you restrict access to a view from the Designer client, the view will only copy to the new database if you have that role assigned to you. To ensure that all design elements and documents are copied, make sure you have all created roles assigned to you.

As previously outlined in this chapter, roles are created in the ACL. After a role has been created, it can be assigned to a person or group of users. The following illustrates how to restrict access to a view based on a role. This process can be used to control access based on the person, role, or group.

Step 1.

Update the database ACL. Select the File > Database > Access Control menu options. Create the role and assign it to one or more persons (or groups) as describe previously in this chapter.

Step 2.

Modify the view design. Open the database in the Domino Designer client. Locate and open the view. Select the Design > View Properties menu options to display the properties dialog. Switch to tab 6 (security) to modify the access level for the view (see Figure 19.14).

Figure 19.14. Persons, Groups, or Roles that may access the view

By default, Who may use this view will be set to All readers and above. Uncheck this option and select the roles (such as [Administrator]) permitted to access the view. Note that you can also assign users and groups, but this is not considered a best practice.

Step 3.

Save and close the view.

Note

Remember to update the group stored in the Domino Directory with the user names or update the role assignments in the ACL to manage access to the view. In other words, if access to the view has been restricted based on a particular role, but no one has been assigned the role in the ACL, then the view will be hidden from everyone. Similarly, if visibility has been restricted based on a group, but the user has not been included in the group, they will not be able to see the view in the database.

Категории

© amp.flylib.com,