<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hello Piet<br>
Thanks for this tip (this is worth investigating).<br>
However: The problem is also present for other roles.<br>
Example: we have a role that is allowed to edit single records and
to print/report. This role is also capable of deleting the selected
PFT.<br>
In fact: any role with print/report capabilities can delete PFT's.<br>
And that remains an undesired situation, so my request to add below
(or similar) code remains active. <br>
Thanks & Regards<br>
Fred<br>
<br>
<div class="moz-cite-prefix">Op 18-9-2017 om 16:00 schreef Piet De
Keyser:<br>
</div>
<blockquote type="cite"
cite="mid:451b2840b5ae4be59b22d8b247ed3afe@ROLLING.int.ucll.be">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;
color:black;}
p.fragmentcodeofoutput, li.fragmentcodeofoutput, div.fragmentcodeofoutput
{mso-style-name:fragmentcodeofoutput;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;
color:black;}
span.termoffile
{mso-style-name:termoffile;}
span.E-mailStijl20
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US">Dear
Fred,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">I don’t understand why you should use ABCD in
read only mode. It seems to me that people with only read
access should use IAH.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">Piet de Keyser<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">UC Leuven-Limburg<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">Belgium<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"
lang="NL">Van:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"
lang="NL"> isis-users
[<a class="moz-txt-link-freetext" href="mailto:isis-users-bounces+piet.dekeyser=ucll.be@iccisis.org">mailto:isis-users-bounces+piet.dekeyser=ucll.be@iccisis.org</a>]
<b>Namens </b>fred train<br>
<b>Verzonden:</b> maandag 18 september 2017 15:18<br>
<b>Aan:</b> Isis Comunidad
<a class="moz-txt-link-rfc2396E" href="mailto:isis-users@iccisis.org"><isis-users@iccisis.org></a><br>
<b>Onderwerp:</b> [Isis-users] ABCD allows delete
display format file by user with only read-only access<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Hello team<o:p></o:p></p>
<div>
<div>
<p class="MsoNormal">We working with ABCD 1.4 and are in the
process of defining new profiles for our installation.<br>
We have defined a "read-only" role. In order to give this
role an option to print/report we have marked option
"Print Records".<br>
<br>
Unfortunately this option shows a screen with links to
Edit/Delete a selected PFT file.<br>
See attached screenshot.<br>
And the "Delete" button is functional: it deletes the
file!!<br>
The "Edit"button is shown but has no effect. Not
dangerous, only not nice.<br>
<br>
I have tracked this down to code in
.../www/htdocs/central/dbadmin/pft.php, line 741.<br>
<br>
<o:p></o:p></p>
<p class="fragmentcodeofoutput"><span style="color:#7030A0"
lang="EN-GB">echo "<a href=<a
href="javascript:LeerArchivo(\" moz-do-not-send="true">javascript:LeerArchivo(\</a>"\")>".$msgstr["edit"]."</a>
| <a href=<a href="javascript:EliminarFormato()"
moz-do-not-send="true">javascript:EliminarFormato()</a>>".$msgstr["delete"]."</a>";</span><o:p></o:p></p>
<p class="fragmentcodeofoutput">Should be controlled by
permissions like:<o:p></o:p></p>
<p class="fragmentcodeofoutput"><span lang="EN-GB">if
(isset($_SESSION["permiso"]["CENTRAL_ALL"]) or
<br>
isset($_SESSION["permiso"]["CENTRAL_EDPFT"]) or<br>
isset($_SESSION["permiso"][$arrHttp["base"]."_CENTRAL_ALL"])
or <br>
isset($_SESSION["permiso"][$arrHttp["base"]."_CENTRAL_EDPFT"])){</span><o:p></o:p></p>
<p class="fragmentcodeofoutput"><span style="color:#7030A0"
lang="EN-GB"> echo "<a href=<a
href="javascript:LeerArchivo(\" moz-do-not-send="true">javascript:LeerArchivo(\</a>"\")>".$msgstr["edit"]."</a>
| <a href=<a href="javascript:EliminarFormato()"
moz-do-not-send="true">javascript:EliminarFormato()</a>>".$msgstr["delete"]."</a>";</span><o:p></o:p></p>
<p class="fragmentcodeofoutput"><span lang="EN-GB">
}</span><o:p></o:p></p>
<p class="MsoNormal">My request is to add this or similar
code to new versions of ABCD in order to prevent that
read-only users can modify anything in the database
definition files.<br>
Comments are also welcome.<o:p></o:p></p>
<p class="fragmentcodeofoutput">Thanks and regards<o:p></o:p></p>
<p class="fragmentcodeofoutput">Fred Hommersom<o:p></o:p></p>
<p class="MsoNormal"><br>
<br>
<o:p></o:p></p>
</div>
</div>
</div>
</blockquote>
<br>
</body>
</html>