
how to prevent users to update metadata fields on content that they are not the autho

Discussion in 'Oracle Webcenter Suite (formerly Oracle ECM)' started by tejalmistry, May 11, 2009.

  1. tejalmistry

    tejalmistry Active Member

    Hi,
    I would like to know how to prevent users to update metadata on content that they are not the author of. How can we change this functionality with a rule?

    I've separate check-in screens department wise. I want to apply this rule for all the different department.

    I know that we can set up a global rule but not sure how to activate the global rule across all the content. My security model is based on department. One department will not be able to view documents of other departments.

    Thanks
     
  2. markH

    markH Forum Advisor


    Hmmm, I understand that you have different security groups for your departments, right? So if a user is a contributor to one security group he will have access to update metadata of other authors too.

    Now if you want to restrict authors from updating content of other authors, I am afraid straight away in your security model, it won't be possible with simple rules. See the thing is imagine you have kept locks on rooms. Now if you gave 3 people keys to one particular room, how do you prevent him from reading a book left there by someone else?

    The solution would be to now keep those books inside lockers with locker key only available to book owner. An intelligent use of accounts can serve your purpose, but the downside is you would have to create as many accounts as many users.

    The easier and bad way to do this would be by database triggers on revisions table.
     
  3. tejalmistry

    tejalmistry Active Member


    Hi markH
    Thanks for the below update.

    I do understand the situation and I know that with my current security model it's not easy and hence I was looking for the solution.

    The thing is we are already live with our UCM and I can't change my security model at this stage.

    I thought using dUser field in our condition we can restrict updation of metadata.
    Do you have any solution for that?

    Thanks
    Tejal
     
  4. markH

    markH Forum Advisor


    Well, do you only want to prevent other authors from updating but from creating revisions also? I am afraid using dUser in any rule won't work, because you actually need the info of original author to compare with the current author. Without database access that won't be possible. A simple customization would serve your purpose though. You can create a custom component by modifying the dynamichtml resource which gets called when you click on the "submit update" button.

    You can include a query resource to the component that would fetch the original author and then use javascript to throw an alert if the current and original author do not match. Sounds complicated but is quite simple actually.
     
  5. Sadik

    Sadik Community Moderator Forum Guru


    Hi Mark, you are forgetting that on a profile update DOC_INFO resultset has all the old data. So the original poster's requirement can be met with a simple rule. I am not sure if DOC_INFO keeps dUSER but it sure keeps dDocType as I had used that in a rule once.

    So basically you need to try this:

    1. Open up the Configuration Manager applet.

    2. Open the ‘Rules’ tab, and click ‘Add…’

    3. Give some Name to the rule

    4. Click the global rule box.

    5. Click the activation condition box, and click ‘Edit…’.

    6. Click ‘Add…’ to add a condition, give it a name

    7. Click ‘Use event’, and under that click ‘On Submit’.

    8. Click ‘Use action’, and under that click the box ‘Content update’.

    9. Click ‘OK’.

    10. Click the ‘Fields’ tab, and click ‘Add…’.

    11. Select the field name ‘Author’ and click ‘OK’.

    12. In the popup, click ‘Is derived field’ and click ‘Edit…’.

    13. Click the ‘Custom’ tab, and the ‘Custom’ checkbox.

    14. In the text box, fill in this IdocScript:

    Code (Text):

    <$oldAuthor = getValue("DOC_INFO", "dDocAuthor")$>
    <$newAuthor = getValue("#local", "dDocAuthor")$>
    <$if not (newAuthor like oldAuthor)$>
    <$abortToErrorPage("You are not the original author, you cannot update.")$>
    <$endif$>
     
    So try this and see if it works.
     
  6. tejalmistry

    tejalmistry Active Member


    Hi Sadik,
    I'm afraid that the logic given by you is not working.
    I.e. other users are able to update the metadata of the document created by me.
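
The rule posted in reply 5 compares the submitted Author value with the stored one and never reads the logged-in user, so an edit that leaves Author untouched passes it. The added example below is not code from the thread or from Oracle: it is a Python model, with hypothetical names (`UpdateRequest`, `session_user`, `rule_as_posted`, `owner_only`) and constructed data, that contrasts that comparison with an ownership check keyed on the session identity.

```python
from dataclasses import dataclass


class UpdateDenied(Exception):
    """Raised where the Idoc rule would call abortToErrorPage."""


@dataclass(frozen=True)
class UpdateRequest:
    session_user: str  # authenticated user (hypothetical field name)
    stored: dict       # saved metadata, the role DOC_INFO plays in the rule
    submitted: dict    # posted form values, the role #local plays in the rule


def rule_as_posted(req):
    # Same comparison as the thread's rule: submitted author vs stored author.
    # session_user is never read. Wildcard semantics of `like` are not modelled.
    if req.submitted.get("dDocAuthor") != req.stored["dDocAuthor"]:
        raise UpdateDenied("author field was changed")


def owner_only(req):
    # Ownership check: identity comes from the session, never from the form.
    owner = req.stored["dDocAuthor"]
    if req.session_user != owner:
        raise UpdateDenied(f"{req.session_user} does not own this item")
    # Also refuse handing ownership to someone else through the form.
    if req.submitted.get("dDocAuthor", owner) != owner:
        raise UpdateDenied("author field may not be reassigned")


def decide(check, req):
    """Return 'allowed' or 'denied' for one check applied to one request."""
    try:
        check(req)
        return "allowed"
    except UpdateDenied:
        return "denied"


# Constructed sample data: alice checked the item in; bob is a contributor
# in the same security group.
STORED = {"dDocName": "HR_000123", "dDocAuthor": "alice", "dDocTitle": "Leave policy"}
BOB_EDIT = UpdateRequest("bob", STORED, {**STORED, "dDocTitle": "edited by bob"})
ALICE_EDIT = UpdateRequest("alice", STORED, {**STORED, "dDocTitle": "Leave policy v2"})
BOB_REASSIGN = UpdateRequest("bob", STORED, {**STORED, "dDocAuthor": "bob"})

if __name__ == "__main__":
    for name, req in [("bob edit", BOB_EDIT), ("alice edit", ALICE_EDIT), ("bob reassign", BOB_REASSIGN)]:
        print(name, decide(rule_as_posted, req), decide(owner_only, req))
```

Enforcement of this kind belongs on the server; a client-side JavaScript alert only informs the user.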