Tuesday, April 9, 2013

Making a distinction between the "read" and "update" permissions

Since Orbeon Forms 4.0, Form Builder provides a UI allowing form authors to define who can do what on the forms they create, once they are published. For each role, form authors can define which function users can perform. The functions are create, read, update, and delete (CRUD). In 4.0, read and update where grouped together; i.e. users with a given role where either allowed to both read and update, or were not allowed to do either. We now separated read and update to make this more granular, for instance allowing form authors to say that a given role can read the data but not update it, as is the case for the clerk role in the screenshot below.

This feature will be in the upcoming 4.1 release, and you can already try it today in the 4.1 M1 milestone build.

No comments:

Post a Comment