Help with locking down fields

c_hayes · ‎03-15-2017

I am currently developing an application and want to lock down fields. When a user fills out a request, they submit it and the status automatically changes upon pressing submit. When the status is Complete or Cancelled we lock down all fields by setting them to read only using the client script below.

However, there are status' between those two points and we don't want approvers altering the information that users submit. So we want to lock down only certain fields(the fields that the user fills out) when they submit a request. I reached out to someone for help and they suggested I use the ACL's to do this. I'm not very confident in using the ACL's so I decided to make a client script based on the one above. Both of them lock down fields based on the status(One locks down all fields when the status is Complete or Cancelled and one Locks down a list of fields when the status isn't new request). I wrote this script based on the script above and it doesn't appear to be working.

Additional information:

I could be wrong but it appears in the first script it sets all fields to be included under a variable x and sets that variable x(which includes all of the fields) to read only. Because I just want certain fields I abandoned that method and decided that I would just list the fields I wanted to lock down within the if statement. Although I'm sure there neater ways to do this I figured that listing the fields would still work. I didn't want to type out the name of every field so I just decided to test the script with one field that I wanted locked down and if it worked then I'd go type out the rest.

Can anybody see why this wouldn't lock down the field u_prod_title when the status is something other than New Request?

I made sure that the script was active and I was looking at requests that were not in the new request status.

veena_kvkk88 · ‎03-15-2017

Hello Colin!!

Using client script to make fields read-only is not the best solution. Use ACLs/UI Policies is the best solution but since you want to know whats wrong with your script, here it is:

In line 7, use g_form.setReadOnly('u_prod_title', true);

fields[] is only used in the first script because the field names are all stored into an array called fields and each field name was walked through using the for loop. Since you are not doing that here, you don't need line 5 and change the line 7 to what I gave above.

the 'x' in fields[x] represents the index of the field name present in the array.

View solution in original post

Harish KM · ‎03-15-2017

if(status!='New Request') // replace New Request with choice value not label.

And also ACL will be a good approach to make read only.

Regards
Harish

c_hayes · ‎03-15-2017

I'm kind of confused. What do you mean by a choice value and not a label? Are the status' in the first code choice values? Because the first code works and I can't find a significant difference between when that sets a status condition and when my code sets the status condition except for the fact that they are using different status' for there conditions.

Harish KM · ‎03-15-2017

you can debug by setting alert and see what values you get'

var status = g_form.getValue('u_sow_status');

alert(status); see what you get here

and inside if

put alert("inside if");// see whether it is coming inisde if

Regards
Harish

Dave Smith1 · ‎03-15-2017

ACLs are most definitely the way forwards here.

Begin with drawing up the lifecycle of record, perhaps in the form of a statechart.
For each state, identify what fields change properties, and define levels of accessibility to those fields (e.g.: number becomes RO to the following groups)
Then translate those to ACLs.

Now I know you said you're not confident of ACLs.. but you really need to do (1) and (2) irrespective of the approach. All we're suggesting is that (3) should be implemented as ACLs rather than as a client script, and if you clarify the first two then someone can help you with the third.

nb: have you spoken to your platform admin? We cover ACLs on our sysadmin courses, so bring them onboard for assistance if needed.