I have a basic need to protect the integrity of note text in my system; specifically, once a note has been created, no CSR should be able to edit it (higher levels, maybe). Ideally, it should be immutable once created, but I'll allow the CSR that created it to edit it if that's what's necessary; the big deal is that nobody else should have that access.
The basic role permission that enables this is the Write permission of the Note entity. By setting this to "No Access" but still granting access to Create and Append, users can still write new Notes on any Entity they can "Append To" from a form where the notes exist as a subgrid, but they cannot edit any existing Note.
There are, however, two problems with this. First, I lose the "Add New Note" button in the Ribbon. Not a huge deal but it does force the user to add Notes using the inline editor of the subgrid. The bigger deal is that I lose the Attach File button. CSRs still need to be able to attach files, even if they can't edit notes once created.
Is there a way to do what I need?
If it's only GUI protection you're looking for, you might simply set the field to not editable from on load script.
Related
This seems like a simple question, but Google doesn't seem to want to give me a direct answer.
I've been given an Access 2016 database with some queries that the owner would like his client to use. When a query is run and displays data, the default is that users can make changes to the displayed data and these changes are saved to the underlying table. Is there a way to protect those tables so that they don't change if the user makes changes?
This has the feel of a simple question, but I can't seem to find a way to lock those underlying tables.
You can use Before Change Data Macro as a workaround
Switch table to Design View and create Before Change Macro, like this:
This macro will instantly revert any changes that user make at YourField or AnotherField. You can lock selected columns only, if you wish.
Adding new records is unaffected. For more details see https://msdn.microsoft.com/en-us/library/office/ff835322.aspx
Well, build a report or a continues items form, and have the users launch hat report (or form). If you use a form, then set the edits = no, and your problem is solved.
You might have to change your start-up settings to hide the navigation pane, and hide all queries etc. (but this is quite easy to do).
Thus you provide a menu form, perhaps custom ribbon, or a form hat simply lets the user select the form or report to launch. That way, users can mess around with the actual query, and the resulting report (or form) can be set to not edit data.
I am working on our intranet that utilizes a custom .master page. One content placeholder that refers to the search functionality of SharePoint is being utilized in the footer ().
In our site mockup, we envisioned two search boxes, one in the top of the site, above the nav and one in the footer. I thought, easy, I just duplicate that content placeholder which brought up a duplication error from Sharepoint.
My question is this: Is there a way to duplicate content placeholders without needing to create a custom placeholder? And if not, is creating a custom placeholder the best way to go about this?
Thank you in advance!
There are many ways to customize this.
Direct master page change
Add (custom) place holder to master page
Use delegate controls (no master page change required)
Delegate controls allow you to create a regular user control (.ascx) and assign it a sequence number so that it becomes attached to an existing master page control. Using delegates could potentially allow you to attach the same user control to two different controls (delegates).
With all the recent "don't change the master page" buzz, it is becoming ever more relevant, although for on-premise scenarios, you can be a bit more eccentric.
Not only you can't duplicate place holders, but you should also be very careful while removing or even adding existing place holders, no matter how irrelevant they may appear to be. Even their original order matters (e.g. PlaceHolderPageTitleInTitleArea, PlaceHolderLeftNavBar).
refs,
http://blog.sharepointexperience.com/2013/08/missing-apps-you-can-add-with-custom-master-page-in-sharepoint-2013/
http://www.eliostruyf.com/missing-apps-can-add-zone-adding-new-app/
http://www.eliostruyf.com/document-set-view-not-visible-in-sharepoint-2013/
examples,
https://zimmergren.net/sp-2013-some-new-delegatecontrol-additions-to-the-sharepoint-2013-master-pages/
http://www.fivenumber.com/understanding-sharepoint-delegate-control/
i am new in ms access. Now i have to finish some modifications in ms access 2003. I am getting this error "you do not have access to the database this time. If you proceed to make changes,you may not be able to save them later". Please help me to solve this problem.
Microsoft has documented the problem, but the sugested solutions were completly unusable in most of my situations. Furthermore the issue occurs even in a split database and it occurrs inconsistently with forms and controls that use code. In my opinion MS got this wrong or at the very least documented incompletly.
Here is my solution:
The problem in many instances traces back to Access thinking the DB is in an exclusive mode, when it should be in a shared mode. Setting the DB to "shared mode" under Options doesn't help, because it will revert back to "exclusive" any time a user turns on the "design view" for any object in the database OR makes code modifications OR if a user presses "save" (CTRL + S)!
In order to prevent the error message from poping up, you need to prevent the users from pressing "save" or switching to "design view" in your DB. I have deleted the save button in the Quick Access Toolbar (so users don't see it) and under Options>Current Database I have unchecked "Allow Full Menus". Additionally you can also uncheck "Enable Layout View" in the same menu.
Possibly the Save function can be disabled alltogether, but I have not yet written code for this. This solution is not fool proof, but it greatly reduced the occurence of the problem in my various split and unsplit DBs.
I was getting this error in ms-access-2010 just the other day. I was working with a method in vb to query the db. I needed to commit my transactions and close the database object after I was done with it at the end of the method. This fixed the problem for me.
This occurs in Access 03 when you are not the only live user present in the .mdw (security) file, if this is a shared database then before making any changes you will need all other users to log out and then to ensure this error doesn't occur again, always open the database in 'exclusive' mode for editing, this is achieved by selecting the little arrow on the open button.
However, you can also have some strange behaviour with .mdw files, if you are genuinely the only user logged in, then I would suggest first logging out, manually deleting the .mdw file if it exists and then going back into the database.
Always open the database in "exclusive mode" when programming and this will never happen.
I have a section of my content tree which I would like to deny ALL permissions to except for specific roles. This seems like a really obvious task to perform, and yet I don't see an example of it in the Security Administrator's Cookbook and I can't figure out an easy way to do it using the security tools. I must be missing something obvious... ???
Say I have this:
sitecore
-content
-branchA
-branchB
Everything I created in the content tree is readable by extranet\Anonymous by default. But even when I click on the "Require Login" on the security ribbon, all users still have read access, they just have to log in. I want to make branchB readable by ONLY sitecore\SomeRole members. How is this done?
Ok, follow this guideline.
Let's say we have sitecore\SomeRole and a content tree like this:
Home
branchA
itemA1
branchB
itemB1
We'd like to deny acccess to branchB and all its descendants for everyone, except for SomeRole.
First off, in Security Editor select Home node, choose sitecore\Everyone role and set the following permissions:
alt text http://img822.imageshack.us/img822/7172/sitecoreeveryonepermiss.png
Now check the access in AccessViewer - that's what we need:
alt text http://img532.imageshack.us/img532/3512/sitecoreeveryoneaccess.png
Let's allow branchB for SomeRole. Go back to Security Editor and explicitly allow permissions for SomeRole:
alt text http://img80.imageshack.us/img80/120/sitecoresomerolepermiss.png
And check this in AccessViewer again:
alt text http://img27.imageshack.us/img27/9584/sitecoresomeroleaccess.png
Hope this answers your question. Beware that Sitecore versions prior to 6.2.X have an issue: AccessViewer doesn't refresh correctly after permissions are set. Kill aspnetwp (w3wp) to fix this.
It sounds like your problem is that you're allowing the extranet\Anonymous user to have read access too far up in the tree. Remove the access grant at the top level (don't deny it, just remove it) and grant it wherever you really need it (like at branchA).
in a List i have one 'Status' field that should be accessible to only Owners and to the Viewers/Readers it should not be accessible. Do anybody can guide me how to do this.
Well, you can, your view still is visible if the users know how to reach the default views of your list, if its not a security issue, you can use this:
Open your All Items View (/Lists/MyList/AllItems.aspx)
Edit the Page
Add the same List as a WebPart, twice
Delete the original webpart (the one with the Change View drop down)
Edit your WebParts and configure your views
In the Toolpart, on the Advanced [+] set Audience Targetting to your desired Groups
Done!
Either that or you can create a workflow that copies the item to a new list with its metadata, but without that specific column and only give the viewers rights to see that list.
If the question is one of security (it usually is, else just use a view), you can't lock down specific columns. You can find techniques to hide them, but then you're just plugging holes.
The workflow approach recommended by KoenVosters is probably the only secured way I can think of delivering this without coding.
This is not possible out of the box, but I came across this tool that will help to archive this with ease