Using Roles
Roles are a very powerful and useful feature that can be used to further refine a database ACL. Roles are actually created in the ACL through the Roles tab, which is shown in Figure 23.15.
Figure 23.15. The Roles tab of the ACL is where database managers can add and delete roles.
Just like groups, people are assigned to roles. What's different about roles is that groups can also be assigned to a role. In fact, any entry in the ACL can be assigned to a role. However, this is also the major flaw in using roles. Only those entities listed in the ACL can be assigned to a role. Therefore, if you use group names in the ACL and you want only some of the people in that group specified in a particular role, you couldn't do it unless you explicitly place those users' names in the ACL.
To create a new role in a database, follow these steps:
- Open the ACL for the database.
- Click the Roles button.
- Click the Add button.
- Type the name of the new role and click OK.
- Click OK to close the ACL window.
Clicking the Add button brings up a simple window to add a new role. Type the name of the role and click OK. The new role appears enclosed in brackets in the Role window. Roles also appear in the Roles window in the lower-right corner of the Basics tab of the ACL. Up to 75 roles can be added to a database. Role names can contain numbers , characters , and spaces. Lotus recommends (and I agree) that it's best to exclude spaces when naming roles.
After a role is added to the database, it can be used to limit access to design features of the database. Both forms and views have a Security tab on the properties box where roles can be used. This is useful if you have certain documents that store values that only specific groups of people should update, such as lists that are used in keyword fields. You can limit create access to the form that stores the lists and read access to the view that displays the form to that group of individuals. The values in the forms can still be accessed by using @DbColumn or @DbLookup against a hidden view. The returned list can then be used in a keyword field. Roles can also be used to limit access to documents. To limit access to a form using a role, follow these steps:
- Open the form in Design mode.
- Open the form's properties box and click the Security tab (the tab with the key).
- Deselect All Authors and Above from the Who Can Create Documents with This Form section in the middle of the properties box.
- Click the role in the list box.
Similarly, read access to documents created by the form can be limited by deselecting All Readers and Above at the top of the properties box under Default Read Access for Documents Created with This Form and choosing an appropriate role. In both cases, make sure that groups and individuals have the role selected in the Basics tab of the ACL. This is accomplished very easily by selecting the group or individual in the ACL and clicking the appropriate role in the Roles list box. A check mark appears beside the role. Figure 23.16 shows an example of assigning a role to an individual.
Figure 23.16. The NewsEditor role is assigned to individuals and groups by placing a check mark beside the role.
Using roles in view security is similar to form security. To use a role to limit access to views:
- Open the view in Design mode.
- Open the View properties box and switch to the Security tab.
- Deselect All Readers and Above under May Be Used By.
- Click the role and save the view.
Remember that roles are not the only means of limiting access to forms and viewsgroups and individuals can also be named in these lists. Furthermore, this technique does not override the ACL. If a user has Reader access to a database, he can only read documents in that database. Even assigning create access for a form to that user does not allow the user to create a document with a form. You should always think of this technique as a refinement of the ACL.
Roles can also be used to limit read and edit access to specific documents. Adding a role to a Readers or Authors field will quickly and easily accomplish this. The role must be enclosed within quotes and square brackets as in the following example: "[ReardenSteel]".
Part I. Introduction to Release 6
Whats New in Release 6?
- Whats New in Release 6?
- A Brief History of Lotus Notes
- Major Features of Lotus Notes
- Types of Applications
- Whats New in Domino Designer?
- New Design Element Features
- New Language Features
The Release 6 Object Store
- The Release 6 Object Store
- Defining a Domino Database
- Understanding the Database Structure
- Creating a Database
- Working with Database Properties
- Understanding Design Templates
- Creating Your Own Templates
- Inheriting Designs from Templates
- Using Templates to Replicate Design Changes
- Using Templates as Design Libraries
- Archiving Versions with Templates
The Integrated Development Environment
- The Integrated Development Environment
- Working in the Application Design Environment
- Working with the Properties Box
- Understanding the Work Pane
- Using the Programmers Pane
- Understanding the Info List
- Understanding the Action Pane
- Customizing the Tools Menu
- Printing Source Code
- Using the HTML Editor
- Locking Design Elements
Part II. Foundations of Application Design
Forms Design
- Forms Design
- Designing Forms
- Setting Form Properties
- Working with Text Properties
- Working with Fields
- Writing Formulas in Fields
Advanced Form Design
- Advanced Form Design
- Working with Tables
- Using Graphic Objects on Forms
- Working with Form-Level Events
- Using Form Actions
- Working with Hotspots
- Understanding Sections and Section Properties
- Using Layout Regions
- Working with Special Forms
- Creating Reusable Design Objects
- Using Embedded Elements
- Using the Form Design Document
Designing Views
- Designing Views
- Defining the Elements of a View
- Creating a View
- Setting View Properties
- Creating Advanced View Selections
- Adding and Editing View Columns
- Using View Column Properties
- Adding Actions to a View
- Creating Calendar Views
- Understanding Folders
Using Shared Resources in Domino Applications
- Shared Resources
- Sharing Images Within a Database
- Creating Shared Files
- Creating Shared Applets
- Shared Code
- Creating Subforms
- Creating Shared Fields
- Creating Shared Actions
- Script Libraries
- Database Resources
Using the Page Designer
- Using the Page Designer
- Understanding Pages
- Working with the Page Properties Box
- Using the Page Designer
- Adding Layers to Your Pages
Creating Outlines
- Creating Outlines
- Creating an Outline
- Working with Outline Entries
- Embedding Outlines
- Adding an Outline to a Frameset
Adding Framesets to Domino Applications
- Adding Framesets to Domino Applications
- Creating a Frameset
- Using the Frameset Designer
- Working with Frames
- Viewing the HTML Source of Your Frameset
- Launching the Frameset
Automating Your Application with Agents
- Automating Your Application with Agents
- Working with Agents
- Creating an Agent
- Working in the Agent Builder Design Window
- Using @Commands in Agents
- Putting Your Agent to Work
- Creating a Complex Agent
- Using LotusScript in Agents
- Creating Web Agents Using Formulas and LotusScript
- Using Java in Agents
- Testing and Debugging Agents, the Agent Log, and Agent Properties
- Agent Properties via the Agent InfoBox
Part III. Programming Domino Applications
Using the Formula Language
- Using the Formula Language
- Overview of the Formula Language
- Knowing Where to Use @Functions and @Commands
- Formula Syntax
- Limitations of the Formula Language
- Working with Statements
- Using Logical @Functions
- Working with Date and Time @Functions
- Working with Strings
- Getting Session and User Information
- Working with Documents
- Retrieving Data with @DbColumn and @DbLookup
- Working with Lists
- Getting User Input
- Controlling the Flow of a Formula
- Error Handling
Real-World Examples Using the Formula Language
- Real-World Examples Using the Formula Language
- Programming Practices
- Using Formulas in Forms and Subforms
- Writing Field Formulas
- Writing View Formulas
- Using Hide When Formulas
- Working with Forms, Views, and Shared Actions
Writing LotusScript for Domino Applications
- Writing LotusScript for Domino Applications
- Software Construction
- Fundamental Elements of LotusScript
- New Technologies and LotusScript
Real-World LotusScript Examples
- Real-World LotusScript Examples
- Real-World Example 1: Importing a Delimited Text File
- Real-World Example 2: Delete a Parent Document and All Its Children: DeleteParentAndChildren
- Real-World Example 3: Schedule an Agent Robot to Refresh All the Documents in a View: Robot-DailyRefreshAllDocs
- Real-World Example 4: Return a Web User to the Place Where He Started After a Document Is Submitted: WebQuerySave-DocSubmit
Writing JavaScript for Domino Applications
- Writing JavaScript for Domino Applications
- What Is JavaScript?
- JavaScript Is Not Java
- JavaScript and the Domino IDE
- The Document Object Model
- JavaScript Support in Domino 6
- When to Use JavaScript
- A Look at JavaScript in Domino
- JavaScript Libraries in Domino
- JavaScript Principles 101
- Syntax and Command Blocks
- Statements
- Output
- Functions
- Objects
- Input Validation
- Validating Check Boxes
- Validating Radio Buttons
- Validating Selection Lists
- Calculations
- JavaScript Application
Real-World JavaScript Examples
- Real-World JavaScript Examples
- Real-World Example 1: Dynamic Drop-Down Lists on the Web
- Real-World Example 2: Dialog Boxes and window. opener on the Web
- Real-World Example 3: Dynamic Tables
- Real-World Example 4: Useful JavaScript Utilities
Writing Java for Domino Applications
- Writing Java for Domino Applications
- Introduction to Java
- Choosing a Java Solution in Domino
- Understanding the Notes Object Interface
- Writing Java Agents
- Using Other Java IDEs
- Other Uses for Java
Real-World Java Examples
Enhancing Domino Applications for the Web
- Enhancing Domino Applications for the Web
- Whats New in Designer 6
- Understanding the Domino Web Application Server
- Understanding the Basics of HTML
- Using HTML in Domino Designer
- Adding Power with Domino URLs
- Views and Forms Working Together on the Web
- Incorporating Flash into Your Web Pages
- What Its All About: XML Exposed
- How Does Domino Use XML?
Part IV. Advanced Design Topics
Accessing Data with XML
Accessing Data with DECS and DCRs
- Accessing Data with DECS and DCRs
- What Is DECS?
- The External Data Source
- DECS Administrator
- Creating the Activity
- Accessing the Application
- DECS Summary
- Data Connection Resources
- DCR Example
- Tips on External Data Access
Security and Domino Applications
- Security and Domino Applications
- How Does Domino Security Work?
- Enabling Physical Security
- Setting Server Access
- Database Access Control Lists
- The Role of the Domino Directory in Application Security
- ACL Privileges
- Enabling Database Encryption
- Using Roles
- Implementing View-Level Security
- Implementing Form-Level Security
- Implementing Document-Level Security
- Applying Field-Level Security
- Hiding the Design of Your Application
Creating Workflow Applications
- Creating Workflow Applications
- The Evolution of Groupware
- Introducing Workflow
- Creating Mail-Enabled Applications
- Using Triggers to Send Email
- Sending Mail with LotusScript
Analyzing Domino Applications
Part V. Appendices
Appendix A. HTML Reference
Appendix B. Domino URL Reference
EAN: 2147483647
Pages: 288
