Hi,
Create
an active link on window open/window loaded. Let the active link execute on all
the forms which you don't want these users to access by manipulating the
URL.
Run-If
: $GROUPS$ like "%<group name>%"
OR
In the
Permissions tab, add this group (only).
Display an appropriate error message and exit the
application.
If you
want this to run on the mid-tier only, append the following to the
Run-If:
AND
$CLIENT-TYPE$ = 9
This
active link will throw an error to all users belonging to the forbidden group if
they try to open a form checked in the active link.
Thanks
Radhika
Direct : +44 20718 20262
Extn : 20262
Radhika
Direct : +44 20718 20262
Extn : 20262
-----Original Message-----**
From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED]On Behalf Of parikshit saxena
Sent: 10 November, 2006 3:15 PM
To: [email protected]
Subject: Form Permissions issue on mid tierHi AllWe are trying to limit the accesss for a particuler group of user on our application vies on mid tier 6.3.The issue here is that the URL can be manipulated now by any user logging into the application and hence all sensitive data is exposed.We are trying to give Hidden permissions on the critical forms for this group, so that data can be accessed from those, but the forms are hidden on the web client.But this doesn't seem to work here.Though the forms are not coming in the object list on ARUser now, but they are still visible on mid tier (despite of cache flush).Would be grateful if someone can provide some insights on this.RegardsParikshit
Find out what India is talking about on - Yahoo! Answers India
Send FREE SMS to your friend's mobile from Yahoo! Messenger Version 8. Get it NOW __20060125_______________________This posting was submitted with HTML in it___
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
__20060125_______________________This posting was submitted with HTML in it___
