A Client made a table available for offline lookup but now the users are getting this error: "You do not have sufficient rights to view this page" when trying to update related tables from their mobile app, or when trying to save an offline copy. They have the submitter role, but if I change them to process admin there is no error. The submitter rights description does not mention either of these actions being allowed or not allowed. Is there a detailed breakdown of the security options for Forms? Are there any plans to allow further security customization in the security of Forms?
Question
Question
Submitter rights description is vague. Questions on what rights submitters have.
Replies
What is your mobile and Forms version?
Both update related tables and save an offline copy will call two web API
1 GET /Forms/webapi/v1/form/{formId}/externaldatabases to get the offline table/view. It works for process admin. For submitter of message start step or task owner, it works only when "Allow user to save form offline in the Laserfiche app" is enabled. Otherwise will get "You do not have sufficient rights to view this page"
2 GET /Forms/api/lookup/lookup?formId={id} to get lookup rule in the process, this need process admin access right, " cause the error "You do not have sufficient rights to view this page" when current user is only submitter.
So it need process admin right to update related tables/save an offline copy
I'm going to go out on a limb and say this doesn't sound like intended behavior. I'd suggest providing more detailed information about your setup. For example, are you using the LF App in the DMZ, have you tried the page from a DMZ instance of Forms, is the data source configured with a domain account or a SQL user, etc.
Thanks for the response Jason. I do not believe this is a process issue. my specific request is for Laserfiche to provide a more comprehensive breakdown of what rights the three Forms security settings provide. The information on the Forms guide does not tell me if they should or should not have this feature as a submitter:
- The Process Admin can modify the business process, see its results, and create reports for it. They can also reassign tasks from the results page. Additionally, process admins have the Submitter rights below.
- The Business Manager can start processes; view, create, edit, and share reports; take snapshots; edit process instance names; cancel process instances; and complete and reassign tasks. Business managers cannot design processes or delete instances.
- The Submitter can start processes, either by submitting a form or by starting a process manually. In the Completed Tasks section under My Tasks, submitters can also see information about processes they have participated in.
Hi Drew,
Just to clarify, what I meant is that I do not believe rights are supposed to have this kind of impact. The submitter permissions listed in the documentation should be exactly as described and should not affect lookups.