Manage Learn to apply best practices and optimize your operations.

Group roles on the Web

This tip helps you check roles for groups.

The core of our parts website is created by Domino web agents. These agents are written in lotusscript and Several of the items are shown or hidden base on user roles.

Since there wasn't a function capable of checking roles for groups I wrote verifyUserRole. You pass in the Role, Session, and Canonical User name and it returns true or false.

As a test copy this code into an agent and call it via url from your web browser.

Sub Initialize
 Dim s As New NotesSession
 Dim db As NotesDatabase
 Dim acl As NotesACL
 Dim entry As NotesACLEntry
 Dim doc As notesdocument
 Dim nn As notesname
 Set doc = s.documentcontext
 Set nn = New notesname(doc.remote_user(0))
 role$ = "[com]"
 roleIsEnabled = verifyUserRole (role$, s, nn.Canonical)
 If roleIsEnabled Then
  Print role$ & " is enabled for user " & nn.Abbreviated
  Print role$ & " isn't enabled for user " & nn.Abbreviated
 End If
End Sub

Function verifyUserRole (role As String, s As NotesSession, user_Name As String) As Variant
 Dim acl As NotesACL 
 Dim entry As NotesACLEntry
 Dim currdb As NotesDatabase 
 Dim GroupsView As NotesView
 Dim groupdoc As NotesDocument
 Set currdb = s.CurrentDatabase
 Dim NAdb As New NotesDatabase(currdb.Server,"names.nsf")
 Set acl = currdb.ACL
 Set GroupsView = NAdb.GetView("Groups")
 roleIsEnabled = False
'Check to see if the user is listed directly in the ACL  
 Set entry = acl.GetEntry( user_Name )
 If Not entry Is Nothing Then
  If entry.Isroleenabled(role$) Then
   verifyUserRole = True
   '  print "User role" & role & " is enabled for " & user_Name
   Exit Function
  End If
'User is not listed get first entry in the ACL to look for groups
  Set entry = acl.GetFirstEntry 
  While Not entry Is Nothing 
   '  print "entry " & & " <br>"
   If entry.Isgroup Then
    '  print & " is a group<br>"
    If entry.IsRoleEnabled(role)Then
     '  print "The " & role & " role is enabled for " & user_Name & " in group " & & "<br>"
'Find group in the Address Book
     Set groupdoc = GroupsView.GetDocumentByKey( 
     If Not groupdoc Is Nothing Then
'Roll through members and check for current user
      Forall names In groupdoc.members 
       If user_Name = names Then
        '  print "verified <br>"
        verifyUserRole =True 'role is enabled for user
        Exit Function
        Exit Forall
       End If
      End Forall
     End If
    End If
   End If
'Get next ACL entry
   Set entry = acl.GetNextEntry(entry)
 End If
End Function

Dig Deeper on Lotus Notes Domino Administration Tools

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.




  • iSeries tutorials's tutorials provide in-depth information on the iSeries. Our iSeries tutorials address areas you need to know about...

  • V6R1 upgrade planning checklist

    When upgrading to V6R1, make sure your software will be supported, your programs will function and the correct PTFs have been ...

  • Connecting multiple iSeries systems through DDM

    Working with databases over multiple iSeries systems can be simple when remotely connecting logical partitions with distributed ...