Securing Views

As within any Notes applications, a good Notes programmer tries to minimize the number of views in a database. Regardless of the database there will be views and some are hidden. However, hidden view are really not hidden and an experience Notes user can use the Goto Shift Control and all the hidden views can be listed and accessed which is really no security at all. We wanted to prevent users or any other unwanted individuals to open the document or even right click on the document to open the document properties box and look at the content of the field. We decided to research want we could do to prevent unwanted individuals to access the information. We tried hiding the columns, but you could still right click and get the document properties box. If you place continue=false in the queryopendocument in the view that would prevent users from double clicking to open the document but users could still right click and get the document properties. However, if you place continue=false in the queryopen of the view, the view itself can never be open and users can never see the document. You can use this method to determine who can have access to the view. This method seems to work well. If anybody have an comments on how secure this is let me know.

Comments

Post a Comment

Popular posts from this blog

The iPhora Journey - Part I - Reimagining Domino

Domino, which is currently owned by HCL Technologies, is one of the most enduring application platforms ever built. It owes its existence to Ray Ozzie, who was heavily influenced by his use of the PLATO system, a pioneering interactive/educational network at the University of Illinois. The first version of Domino (then called Lotus Notes) was released in 1989, and Domino applications from 1989 can still run on the newest version (12.01). You can build Domino applications for deployment on the Notes clients, mobile devices, or Web browsers, and for programming and customization, you can use Nodejs, Java, LotusScript, and Formula language, or any combination of them. Regardless of which programming languages are used, a typical application is usually represented by a single Domino database. However, the IT landscape has changed significantly since Domino was a dominant player in the market. The migration to web and mobile applications using cloud-based solutions has led to the steep decl
Read more

Creating Composite Applications for Classic Lotus Notes Clients – Part 2

Image
This is part 2 of my creating composite application for classic Lotus Notes clients. In part 2, I will cover how a new event in Lotus Notes 8 can used to simplify the process of creating a composite application. You can download the demo code from the sidebar or download it from here. This new event is "onSelect" and is found in Notes View. This event works not only for regular views but also for embedded views and even embedded views within a dialog box. This event is triggered whenever a document is selected in a view. It hold true even when the view is display for the first time. As a Notes developer, I feel this one single event is more than enough reason to upgrade to at least the Lotus Notes 8 Basic client. It makes a number of UI issues simply go away. Just like in the previous Lotus Notes clients we need to create a launch document in our composite application that will be used to trigger the population of the frames in the composite application. However, rather than
Read more

The iPhora Journey - Part 5 - Dammit Jim, I'm a LotusScripter not a JavaScripter

Image
As often said by Dr. McCoy in the original Star Trek series, he is a doctor, not a ____________ .  However, just like Dr. McCoy, you may sometimes need to work on things that seem very alien to your experience.  One of those things, might be JSON. LotusScript, which was derived from Visual Basic, was written long before JSON existed, and therefore, LotusScript had no built-in capabilities for handling JSON objects. As we mentioned in Part 4, JSON plays a critical role in iPhora.  All data are stored as JSON, and JSON serves as the primary data and communication format between modules, functions and services.  All core components operate using JSON-based configurations.  Therefore, it was extremely important that we are able to fluidity create, read and process JSON.   Creating a JSON string is relatively easy in any programming language. You can create it even using Commodore 64 Basic, and if built sequentially, one line at a time, it is possible to create JSON representations of ve
Read more