I need to make all fields of a form read only for all users, except for users who have the role of admin and knowledge_admin through the client script in the kb_knowledge table.

Go to solution
1231
Tera Contributor

‎04-20-2022 02:13 PM

I need to make all fields of a form read only for all users, except for users who have the role of admin and knowledge_admin through the client script in the kb_knowledge table.

0 Helpfuls
  • 3,237 Views
1 ACCEPTED SOLUTION

Go to solution
Filipe Cruz
Kilo Sage
Kilo Sage
In response to 1231

‎04-20-2022 04:36 PM

Hello 123,

You can do something like:

function onLoad() {
	//Type appropriate comment here, and begin script below
	if(g_user.hasRole("admin") || g_user.hasRole("knowledge_admin")){
		//do nothing
	}
	else{
		var fields = g_form.getEditableFields();
		for (var x = 0; x < fields.length; x++) {
			g_form.setReadOnly(fields[x], true);
		}
	}
}

 

First validate if the user has admin or knowledge admin.
If not, set all editable fields to read-only.

Hope this helps, but remember that with SNUtils or basic browser console knowledge a user can bypass these rules! Best option to use should be an ACL.

Please, don't forget to mark my answer as correct if it solves your issue or mark it as helpful if it is relevant for you!

Best Regards,

Filipe Cruz

View solution in original post

4 REPLIES 4

Go to solution
Filipe Cruz
Kilo Sage
Kilo Sage

‎04-20-2022 02:15 PM

Hello 123,

If you want to do that, don't do it in a Client Script. It's extremely easy to bypass the security of read-only fields in the browser.

Instead, create a write ACL for roles admin and knowledge_admin.

That way you will ensure that only those roles will be able to edit the kb_knowledge records.

Hope this helps!

Please, don't forget to mark my answer as correct if it solves your issue or mark it as helpful if it is relevant for you!

Best Regards,

Filipe Cruz

0 Helpfuls

Go to solution
1231
Tera Contributor
In response to Filipe Cruz

‎04-20-2022 02:17 PM

0 Helpfuls

Go to solution
1231
Tera Contributor

‎04-20-2022 02:17 PM

I understand, but for reasons of demand I need to do it using the script client, can you verify what would be the code to perform such an action?

0 Helpfuls

Go to solution
Filipe Cruz
Kilo Sage
Kilo Sage
In response to 1231

‎04-20-2022 04:36 PM

Hello 123,

You can do something like:

function onLoad() {
	//Type appropriate comment here, and begin script below
	if(g_user.hasRole("admin") || g_user.hasRole("knowledge_admin")){
		//do nothing
	}
	else{
		var fields = g_form.getEditableFields();
		for (var x = 0; x < fields.length; x++) {
			g_form.setReadOnly(fields[x], true);
		}
	}
}

 

First validate if the user has admin or knowledge admin.
If not, set all editable fields to read-only.

Hope this helps, but remember that with SNUtils or basic browser console knowledge a user can bypass these rules! Best option to use should be an ACL.

Please, don't forget to mark my answer as correct if it solves your issue or mark it as helpful if it is relevant for you!

Best Regards,

Filipe Cruz