保护 Lotus Notes 中的隐藏视图
在 Lotus Notes 隐藏客户端中,默认情况下不显示隐藏视图,但您可以使用大纲进一步隐藏它们。
但是用户可以通过以下任一操作来访问隐藏视图:
- 右键单击数据库书签“应用程序”->“应用程序”。按住 CTRL+SHIFT 时“转到”
- 用户打开数据库并转到“视图”菜单,然后按住 CTRL+SHIFT 时单击“转到”
在这些情况下,用户可以看到任何隐藏的视图或仅隐藏在轮廓上的视图。
除了为每个视图创建读者列表之外,还有什么方法可以隐藏这些视图吗?
In Lotus Notes hidden client, hidden views are not shown by default but you can further hide them by using outlines.
But a user can gain access to hidden views by following either of the following
- Right click on the database bookmark, "Application" -> "Go To" while holding CTRL+SHIFT
- User opens database and goes to "View" menu and click on "Go To" while holding CTRL+SHIFT
In these scenarios users can see any hidden views or views which are only hidden on the outline.
Is there any way to hide those views aside from creating a reader list for each view?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
假设您不要求隐藏视图中的文档。 Ben的反应相当不错。但我不太喜欢视图设计中的读者列表,即使您使用 ACL 角色来管理它们。众所周知,读者视图列表很难维护,并且在调试用户问题时很容易被忽视。
如果要阻止 UI 访问视图,但仍允许用户以编程方式通过应用程序访问文档,则需要转到 Domino Designer 中视图的“QueryOpen”事件并插入以下代码。
这应该可以防止用户按照您的描述通过 UI 打开视图,但允许应用程序在需要时使用它。如果稍后需要,您可以通过编程方式控制 UI 何时可以访问这些视图。我有几个实例,我必须创建控制对象来确定哪种类型的用户可以打开/粘贴文档到视图中。
我的回答是基于您只是想阻止人们访问视图。但是,如果您需要实际隐藏视图中的文档,那么您需要考虑文档级安全性,然后围绕它设计应用程序。诚然,这会增加应用程序的复杂性,因为如果需要,您将需要使用代理代表其他人运行,以便对用户看不到的文档进行操作。
Assuming that you do not require the documents in the view to be hidden. Ben's response is quite good. But I am not a big fan of Reader lists in view designs, even if you're using ACL roles to manage them. Reader view lists are notoriously hard to maintain, and easily overlooked later when debugging user issues.
If you want to prevent UI access to the view but still permit the user access to the documents via the application programmatically, you will need to goto the view's "QueryOpen" event in the Domino Designer and insert the the following code.
This should prevent a user opening the view via the UI as you described, but allow the application to use it where required. And if so desired later on, you can programmatically control when those views can be access by the UI. I have had a couple of instances where I have had to create control objects that determine which type of user can open/paste documents into a view.
My answer is on the basis you just want to prevent people accessing views. But if you need to actually hide the documents in the view, then you need to consider document level security, and then design your application around that. Admittedly, this will increase the complexity of the application because, if required, you'll need to use agents to run on someone else's behalf in order to act on the documents the user can't see.
不幸的是,没有。保护 Lotus Notes 中任何内容的唯一真正方法是通过文档级别的读者列表或数据库或服务器级别的访问控制列表。视图、表单等只是设计“文档”,因此它们需要应用读者列表。
如果没有高度敏感的数据,这些其他技巧通常就足够了。许多用户不知道显示隐藏视图的方法,但是当然,一旦他们知道了,一切就都结束了:)
Unfortunately, there is not. The only true way to secure anything in Lotus Notes is via the reader lists at the document level, or access control lists at the database or server level. VIews, Forms, etc are just design "documents", so they need to have reader lists applied.
Those other tricks usually suffice if there isn't highly sensitive data. Many users don't figure out that means of displaying hidden views, but of course once they do it's all over :)
即使您保护自己的视图,任何至少具有读者访问权限的用户都可以对所有文档创建用户定义的视图。所以我认为这种尝试很愚蠢——不要浪费你的时间。
Even if you protect your views, any user with at least reader access can make user defined view with all documents. So I think this attempt is silly - don't waste your time.