Manage Learn to apply best practices and optimize your operations.

Check User Can Delete Docs According to Roles and ACL Even If Not Listed

Several times I dealed with problems, how to check access rights from ACL in script and many times, user was not listed in ACL. Testing roles is easy then.


 Dim IsAuthorised As Variant IsAuthorised = Evaluate("""[Admin]"":""[GrpLead]"" = @UserRoles") IsAuthorised = (IsAuthorised(0) <> 0)

and that's all. But how to check, if user can delete documents e.g. if is not listed in ACL. And I found very powerful @function - @UserNamesList - which returns current user name, group name, and the name of a role that the current user has in the current database. And code follows:


 Dim ACL As NotesACL Dim ACLEntry As NotesACLEntry Dim NamesList, NameList Dim I% Dim IsAuthorised NamesList = Evaluate("@UserNamesList") I = 0 While (I < Ubound(NamesList)) And Not IsAuthorised NameList = NamesList(I) If Not IsAuthorised Then Set ACL = Db.ACL Set ACLEntry = ACL.GetEntry(NameList) If Not (ACLEntry Is Nothing) Then With ACLEntry IsAuthorised = .CanDeleteDocuments And (.IsRoleEnabled("[Admin]") Or .IsRoleEnabled("[GrpLead]")) End With End If End If I = I + 1 Wend ' If nothing was found, script has to check -Default- entry If Not IsAuthorised Then Set ACLEntry = ACL.GetFirstEntry If Not (ACLEntry Is Nothing) Then With ACLEntry IsAuthorised = .CanDeleteDocuments And (.IsRoleEnabled("[Admin]") Or .IsRoleEnabled("[GrpLead]")) End With End If End If ...

Dig Deeper on Domino Resources - Part 3

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.




  • iSeries tutorials's tutorials provide in-depth information on the iSeries. Our iSeries tutorials address areas you need to know about...

  • V6R1 upgrade planning checklist

    When upgrading to V6R1, make sure your software will be supported, your programs will function and the correct PTFs have been ...

  • Connecting multiple iSeries systems through DDM

    Working with databases over multiple iSeries systems can be simple when remotely connecting logical partitions with distributed ...