So I have a two part question, mostly surrounding ACLs. I have been messing around without for awhile, without much success in getting to do what I want.
First, I created a table called "My Attachments". It contains three main fields: u_catalog_item, u_group, and inactive.
The u_catalog_item field is a reference field to another table called "My Attachments Control Table". This table has three similar fields as the other table.
So, I want users to be able to view their own "My Attachments" records. This ACL is working as I want, using these conditions:
I only want them to be able to read these existing records of theirs, and not be able to edit or delete them. But I want to allow them to add New records. So my first question is how to do set up ACLs to do that.
The second part revolves around adding the New records to this "My Attachments" table. As I said, the u_catalog_item field is a reference field back to the "My Attachments Control Table". I want to limit the items in the drop-down of this u_catalog_item field to only show records where the u_group field is one of their groups. So we wrote a JavaScript function in a Script Includes that works like the "is dynamic One of My Groups" functionality, and use it in the Reference Qualifier of our reference field. It was working at one point, but I think that all my messing with ACLs causes it to be "overruled", where it shows all the records, or none of the records (and actually hides the field from those users completely).
I guess the trick is to allow them to see the appropriate values in the drop-down reference field, without actually giving them access to this "Control Table" at all (they don't need to see it, it is just used in the drop-down reference field for them).
I think I cannot see the forest for the trees. Any tips/help would be appreciated!
OK, so that first part did the job in making those records visible, but read-only. However, now when I click on the "New" button (when impersonating one of those users), it shows the Submit and Save buttons but no fields!
This is what the Write ACL looks like:
And then I added a Create ACL that looks like this:
I even trying adding explicit field write ACLs, with the Role showed above, but no luck. The person I am testing has that role, but it is not showing any fields at all to enter information into when the New button is clicked.
Any idea on what the problem may be?
OK, this I do not understand at all. I edited a "Read" ACL, and not it works, I can see those fields I need when I click on the new button. I circled below in red the changes I needed to make in order to get that to work.
I do not understand why I needed to do that in order to see the necessary fields when creating/adding a new record.
However, now I am having the issue where the u_catalog_item drop-down on my form is showing ALL records, even those for other groups and inactive records, even though my reference qualifier should be limiting that list to exclude those.
