$First security breach ignore Reader Field - lotus-domino

[DEDIT] This seems to be due to an agent in the WebQueryOpen of the form... Currently analyzing what really happens.
Is $First a known breach in the security? If yes, is there a way to patch it ?
I have a NotesDatabase which ACL is Anonymous Author. I have a view, a document in this view, a form to display this document.
This document has a reader Field="[Admin]" (role admin is NOT given to anonymous)
http://myserver/myDdb.nsf/myview/$First
Displays the document. When I expect a login to be displayed.
http://myserver/myDdb.nsf/myview/universalDocumentID
Works correctly and don't display the document until I log in as admin.

Related

InfoPath 2010, SharePoint 2010

I have created an InfoPath 2010 form which is published to doc library in SharePoint 2010. I want for this form to become read-only ie once it has been submitted.
None of what I have done so far seems to work. I have:
Created a new view and re-named it to Read-Only and in its properties I have ticked
the "Read-Only" check box in InfoPath.
I have a "Submit Form" button and in here I have added rules for submitting the form,
switching the view to the read-only view.
To test this I fill out the form with sample data and submit it, then when I go to
the doc library where the forms gets submitted to when I open the submitted form I
find that the Read-Only view has not taken effect and that it is still possible to
edit the form.
Ideally what I am trying to achieve is to have the submitted forms turned into read-only when they are submitted and still be in read-only mode when these are opened from the document library where they get submitted to.
Any ideas where I'm going wrong with this? if there is a better and simpler way to achieve this please let me know.
Thanks in advance.
It might be too late to answer this question, but if someone is still looking for an answer you could try the below steps
Before you begin please verify that you have one of the following permissions:
a. You are a member of the Administrators group for the site collection.
b. You are a member of the Owners group for the site.
c. You have the Manage Permissions permission.
On the Site Settings page, Go to the Users and Permissions and look for settings
Under Settings you will be able to see Permission Levels
Select Add a Permission Level
Give a Name to you new Permission Level
Under the Select the Permissions to include to this permission level, select the Add Items and View Items Permissions to this group.
After the group is created, for your form library, stop inheriting the permissions from the parent site and create a new group with the new Permission Level that you just created. Add all the users to the group.
This should enable the users to submit a form but not edit it. Hope this helps.
There is an easier way to solve this. Create two views of this form on InfoPath Designer. And make sure when the form is submitted, the view is flipped to the Read-Only view; which has the salient feartures of the form such as the answers you would like to be recorded.
So anyone who opens the form once submitted wil only see the Read-Only view. You can set a rule on the form to have an administrator see a Edit mode.
I just went through this. the submit rule doesn't work, you have to create a form load rule. In the file toolbar, you'll see a form load button in the rules block.

Is there a way to detect when the Facebook permissions dialog is shown?

I'm using the FB Javascript SDK, and handling login via a custom button that calls FB.login. Ideally, I'd like to be able to record some tracking data whenever a user is shown the app approval/permissions dialog so that I can see how many users bomb out at this stage. Unfortunately, I can't seem to find a reliable way of achieving this.
If the user is already logged in to FB, I can infer whether it will be shown by checking the login status before calling FB.login. If the user is not_authorized, then I know the permissions dialog will be shown. But if the user is not logged in, my information is more limited. I can assume that the user was shown the dialog if they finish the process as not_authorized, but if they end up being connected then I have no way of distinguishing between a user who was already connected and one who just gave approval.
I'd hoped that the auth.prompt event might help, but it doesn't seem to be fired for the sequence starting from FB.login. Any suggestions?
Ideally, I'd like to be able to record some tracking data whenever a user is shown the app approval/permissions dialog so that I can see how many users bomb out at this stage.
Look at your app insights, there you’ll see Auth Dialog Conversions.
No need for own tracking for that.

VB.NET - Log into website with out website open

I want to create a program to fetch information from a website (that's fine). However, you need to be logged in to get this information.
I just want two simple textbox controls that I would type my username and password into and hit submit and the information would be returned to me so I can use it. (I don't want to use a webbrowser control)
Sorry if I wasn't clear
And also
(this really isn't important, but its up to you if you want to answer, it's probably hard)
How would I go about checking if I am still logged into a website or not (as in TRUE or FALSE)
you can pass credentials into a HttpWebRequest object.
You could use a webbrowser control since it is easy, and just set its display to not visible - the user would never see anything. You could still interact with the page just like normal. You could use the same control to log yourself out by clicking on the logout button. You would set everything up and test it with visible=true, and when it all works, set visible to false.

Need help in permission in sharepoint form library

I am working with SharePoint 2010. I need some help in regarding permissions:
Only current user can see his document created by him, he should not see other document.
Other user apart from creator of document should not see or should not delete the document.
While approver will see the document, he can only view the document he should not delete the document.
And while approver will see the document he should not get the add new document option(For this i have given permission Read Only, View Only permission but still while approver login to system he get add new document option.)
How can I give permissions described above?
There are so many question i'll answer one-by-one.
1) The best way to do is by creating new view or modifying view of library, set filter criteria to "Created by is equal to [Me]" & save. The creater of document can only see this document.
2) If others are not able to see the documents then how can they edit or delete.
3) For this you need to create new permission level which have rights of approve item,open library.
4) Just simple not check the add items checkbox in permission level.
I hope this will help you!

SharePoint 2010 - Edit user info

Why can I not (as admin or user) edit a user profile? When I click Edit Item I can only attach a file and I only see the account name. I've gone into the admin area but nothing I change takes affect. I've set some other fields as editable but they don't show. I tried to edit user policies but everything is greyed out.
Are you populating your user profiles from AD? In that case, there is nothing in SP to edit since the data comes from elsewhere.
If not, then where are you trying to edit an item? Are you using Manage User Profiles in the User Profile Service Application area?