Home › Forums › Classic DFFS › Request: Master Password for DFFS
- This topic has 4 replies, 3 voices, and was last updated 6 years, 7 months ago by Alexander Bautz.
-
AuthorPosts
-
-
March 22, 2018 at 21:30 #20366
Hello,
I would like to see the option for setting a master password that would be applied to all list forms for access to the DFFS backend, instead of having to go through every single list, and setting the password manually on all 3 forms (new, edit, display).
Thoughts?
-
March 26, 2018 at 16:50 #20393
I’d actually prefer to see more support for permissions based access and avoid passwords altogether. That gets away from the issues surrounding forgetting/sharing of passwords.
I usually rely on permissions on the SPJS-DynamicFormsForSharePoint list – so users may be able to get in and view the config if they know to click bottom left on the form, but they can’t do any damage as they only have read access.
Would it be possible to apply restrictive permissions to dffs_backend_min.js so that only authorised users can access/view the backend config? -
March 26, 2018 at 18:34 #20397
Hi,
I think the easiest would be to restrict edit access to the SPJS-DynamicFormsForSharePoint list itself.You could also write some custom code and place it in the bottom of the “DFFS_loader.html” file to initially hide the enter setup button and only show it to members in a specific SP group. Here is an example:
<style type="text/css"> #dffsEnterSetupBtnWrap{ display:none; } </style> <script type="text/javascript"> jQuery.ajax({ url: _spPageContextInfo.webServerRelativeUrl + "/_api/web/currentuser?$expand=Groups", method: "GET", headers: { "accept": "application/json; odata=verbose", "content-type": "application/jsom;odata=verbose", "X-RequestDigest": document.getElementById("__REQUESTDIGEST").value } }).done(function (data) { var g = {}; jQuery.each(data.d.Groups.results, function (i, o) { g[o.Id] = true; g[o.LoginName] = true; }); // Check the group name by display name or ID to see if current user is member if(g["TestGroup1"]){ jQuery("#dffsEnterSetupBtnWrap").show(); } }).fail(function (err) { // catch error? }); </script>
I guess setting item level security on the DFFS_backend_min.js file to restrict read access to only a selected group could work also.
Alexander
-
March 27, 2018 at 18:22 #20405
Thanks Alexander
The code above – is that different to the built in functionality in the Misc tab of DFFS?
Enter setup button
Disable the “Enter setup” link on the “Enhanced with DFFS” text below the form for all but these user IDs or SharePoint group names / IDs. Use with caution – I recommend setting a password instead.There is also the option to allow access to the backend config via a dedicated page – That could be set up in a separate site pages library to limit access to authorised users (in conjunction with removal of the setup link on the form)
While I wouldn’t normally support any form of item level permissions, in this case it might be quite effective if used on dffs_backend_min.js
Adam
-
April 28, 2018 at 21:24 #20689
The code does the same as the one in the Misc tab, but by adding it to the loader file you could avoid having to set it in all form configs.
Alexander
-
-
-
AuthorPosts
- You must be logged in to reply to this topic.