Change Security Settings

Objectives:

• Change the permissions of the Anonymous group so that anonymous users can view pages and data, but not add or edit records.
• Explore the Add Members page.
• Add a system field to your view and restrict it so that it is visible only to users with permissions to edit records.

Estimated time to complete: 15 minutes

Skill level: Intermediate

DataWeb includes a sophisticated security system to protect your data. Specific permissions can be applied to folders, data files, or the entire application. In this section, we'll modify some of the security settings for our application.

When you create a new application, you are the application's owner. The owner has complete control over the application. To see how your application will appear to an anonymous user, try logging off and browsing the site.

Change anonymous permissions
When you create a new application, it is not accessible to anyone other than yourself. If you want to make your pages and data publicly available on the Internet, you must change the security privileges for anonymous users.

* Follow these steps to change security settings for anonymous users:

1. On the Security menu, select Application Permissions.
2. Change the role for the Anonymous group from No Access to Reader. This permits anonymous users to browse your data and files, although they cannot modify any part of your application.
3. Click Apply.

Anyone who visits the site can now view the book club schedule.

Add members to your application
You can invite other people to become members of your application. When you invite a new member, you can specify what group they belong to, and so specify the level of permissions that they will have.

In this section, we won't actually add a new member to the application, but you can explore the Members page to see how to do it.

* To see how to add a new member to your application, follow these steps:

1. On the Security menu, select Web Members. Note that your name and email appear in the list, and that you are the owner of the application.
2. Click New Member. On this page, you can add a new member by typing their email address and selecting which group they belong to. Those in the Administrators group have the most privileges; those in the Guests group have the fewest. Note that you can add a personal message to the invitation email that is sent when you add a new member.

Restrict access to part of a view
You can set security for individual elements on a view so that they appear only for users with sufficient permissions. Let's add an additional field to the view in the Books folder and restrict it so that only those with permissions to edit records can see it.

The field that we will add is a system field, one that is automatically created for you by DataWeb when you create a data table. The OwnedBy field tracks the name of the user who inserted the record. By adding this field to the view, we can see who added which record. However, we want to prevent anonymous users from seeing this information, so after we add the field, we'll restrict access to it. 

* To add the OwnedBy field to your view and restrict access to it, follow these steps:

1. Navigate to the default.view file in the Books folder, and display default.view in the Designer.
2. Select the view's data region. On the Insert menu, choose Field.
3. In the Insert dialog, select OwnedBy from the System Fields section. Click Finish to add the field to the view.
4. Select the newly added OwnedBy field and set the Permissions to View property to Editor.

To see the affect of setting the Permissions to View property, browse the view while logged on as yourself. Then log off and browse the view as an anonymous user. When you browse the view as an anonymous user, you won't see the OwnedBy field in the view.