1

I have an type of document which users should not be able to read by default. What is best practice for allowing a single given user access to read a single given document of this type?

Example: a user creates an "activity", and can then invite other users to join the activity. Uninvited users cannot view any of the fields in that activity, while invited users can view all of them (but only for that specific activity).

Josh Jolly
  • 11,258
  • 2
  • 39
  • 55

1 Answers1

5

Really the only option is to use Reader fields. It's a special type of field that controls access to a document based on the values stored in that item. So you can have different reader access lists per document.

Ken Pespisa
  • 21,989
  • 3
  • 55
  • 63
  • 1
    Josh, do be careful with the Reader field. If you only put the single user in there, it will prohibit the server and any administrators from reading the field as well. Also, if you use a group name in the field, in older versions (not sure about now), it would seem to only allow reader access to those who were members of the group at the time it was created. So, a good habit is to include LocalDomainServers and at least one role in the Reader field so that you can be sure someone will always have access to the document (if only to delete or archive it later). – David Navarre Jun 19 '12 at 14:58