I'd like to hide one of the fields in a Drupal View from users that aren't logged in. This is easy to do for the whole block with the Access settings, but there isn't an obvious way to do it by field.
Since I couldn't hide part of the block selectively, I hid the entire block from anon users, then created a duplicate of the block with the field for registered users removed, viewable only by anon users. This isn't ideal, but it works.
Related
Our old authentication mechanism had mandatory and immutable email for each user by design. After exporting old authentincation mechanism into the hands of Keycloak 4.6.Final, We are left with old references to users by email as this was in fact used as an id from the beginning of this system.
Keycloak User Management UI is delivered to client as part of a whole system. Now we're facing a problem where the users administrator at the customer's side is able to create users with no email, and even worst, he give a user one email and overtime change it. Leaving this option open is most likely to create bugs for the client as the user base grows.
I've been digging around google, sof, keycloak mailing list search engine, and couldn't find any documentation relating developer's ability to apply configuration on top of particular keycloak distribution which would set features such as mandatory and immutable on some user attributes which are optional and editable by default.
I know that question is old, but maybe someone will need answer.
it's 2022-11 and there is experimentas feature in Keycloak 20. You can enable declarative-user-profile and then customize your user profile and set required fields and other options. user-profile
This feature may be removed in the future, because it's experimental.
And this feature has bugs (tried with 20.0.1). For example, if you add required attribute group, then you can see groups while creating new user and you can select groups. But if you try to save user, then error appears telling, that group is required.
The documentation says, you can control permissions at a form control level. If you wanted a group of users to not have permissions on the sales order details form for certain controls, how would you go about doing it?
There's a property in form controls called "Security Key", you can create or just use one that already exists.
If you choose to create, you must link a user group to this Security Key... and if you create the user group, you must link users to this group.
If you don't link any user group to this Security Key, only admins will see.
Or else, you can do something like this in the init method of the form: (I don't recommend)
if(curuserid() == "RT.")
{
formcontrol.visible(true);
}
I have a infopath form already built, how do I achieve the following?
user is able to access the form via infopath form web part.
user is able to fill out the form and submit via the web part.
user cannot go to Site Contents to even view the result, neither their own, nor others'
user cannot view/edit any results. Submit data only.
Is this possible in SharePoint 2013? So far the closest I could get to is use custom permission level to allow user to only view but not edit item. But I don't want them to even view the result of others. They should only see the form via the web part and submit data there.
Create custom Event receiver on item added event. once the item added just break the permission inheritance and assign the permission for admin only.
So now user can submit the data but they can't able to see that
I think it is possible to submit the form data to another site by web services.
I currently have a user whose Access Rights are messed up and I'd like to reset them. I could be blind but does anyone know of a way to do this?
I am not aware of a way to reset the user rights.
The only way I can think of is deleting the user and create a new one, or write a script that loops to the tree or retrieves al items that the current user has rights on and resets the rights for this user.
Security of an item is stored within the __security field on the item itself. Furthermore, security is stored by the name of the user or role, not by an ID. Deleting a user/role will not modify any item that references that user/role so you effectively get orphaned access rights.
I had created a script years ago that will report on (and reset) the security of items. It is available from my blog post and I referenced it within this similar question. You should be able to modify that script to remove a single user's rights.
So far, the only way I've been able to do this is to go into the Security Editor, select the user, then open every item in the tree and unset every access right manually to the default setting of Inherited.
For instance, there are at least a Read/Write/Rename/Create/Delete/Administer/Inheritance permission on just the Home item alone. Each permission has one of the following states: Inherited/Allowed/Denied/Item vs. Descendant Right/Protected/Not Applicable. If any of those are set, manually unset it. So, if it were set to Allowed, you'd click the green check mark which would unset it from Allowed (I guess you could argue I'm setting it to Inherited).
To get back to square one, everything should be set back to Inherited.
Is there any special security privileges that i need to give my users so that they can run some custom code? I have a javascript library that is triggered on a button click that then gets all of the selected items in a subgrid. When I get all of the check-boxed items I then feed that into an update operation and upload the string if items (in the form of GUIDs) into a Single Line Textbox field on my entity. Once that field is updated they will trigger a dialog which consumes the textbox field and does some more work on it.
The problem is that nothing happens. I solved one issue once I figured out that the user needs Organizational write access to the entity, but now I see another exception "...is missing prvReadWorkflow privilege" does that mean these users need Read Access on Organizational workflows?
Am I missing anything else?
I don't have an explaination for why you require read access to workflows for this update operation, but this microsoft CRM forum post appears to be about the same issue you are having.
Tanguy suggests you add read access to processes for the affected user.