- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-11-2019 02:33 PM
Hello all,
I'm trying to let the users of my app be able to submit a record into a table, but not be able to view all the records from other users.
Right now the table ACLs give Create and Write access to users, and Read access to admin.
I also have an extra ACL to give Read access to users but only if they are the "Requested for" owners of the record (so they can see the table through a filter "My Records")
But when the users click "New" on the table they don't see any fields to fill out (because they don't have read permission)
Removing the extra ACL makes it so they can see the fields and submit a new record--but then they can also view the master table consisting of everybody's records.
Is there any way to let a user create record/see the form but restrict access to viewing the list of the entire table?
Or is there a better way to go about this?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-11-2019 08:19 PM
What if you just created a record producer and posted it to the portal? that would allow users to fill out the form and create records on your table.
This would also allow you to control the fields they have available to them. and you dont have to give any access to the table.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-11-2019 05:40 PM
Hi,
Below suggestion should work for you:
1) Have an "Create" operation ACL both at the Table and Field level,give them the Roles required to create the Record.
2) Have a similar Write Operation ACL as well both at Table and Field level and check for the New Record, if it's a new Record give them the access else check for the logged in User Parameter like if the ticket is opened by him or he is the caller or assigned to him then give him the access else Deny it. You can use current.isNewRecord() to check for new records or not.
3) Similarly you need to create a Read Operation ACL, checking for New Records first and then decide based on other parameters like if the current logged in user is similar to caller or other field values then allow else deny it.
Hope this help. Please mark the answer as helpful/correct based on impact.
Regards,
Shloke
Regards,
Shloke
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-11-2019 08:19 PM
What if you just created a record producer and posted it to the portal? that would allow users to fill out the form and create records on your table.
This would also allow you to control the fields they have available to them. and you dont have to give any access to the table.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2019 01:29 PM
Oh! I didn't know this feature existed. Thank you very much
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2019 03:18 PM
Glad I could help. 🙂
