Hide contents of NAME field in search results

[shtali]

Hi,
I have a situation as follows:
When performing a search, I need to be able to show results (meta data + content) to users that have access to those documents, but for users that are not permitted for those documents I need to hide sevral meta data fields like NAME (leave it empty) so they know that the document exist but won't be able to open it or understand it's content.

Any ideas without development?
Any ideas with developments..?

Thanks

 

[appnair]

Search results are permission filtered
so if user X does not have at least S,SC on the object thru directly or indirectly it si not going to show up.This is 1 on one livelink permissions
What makes a link clickable it is S,SC on the acl of the object,if it is S they cannot click it,can they see attributes?perhaps it it is linked to 'Edit Attributes' permissioning. You appear to not understand livelink perms 101.A class called Knowledge Fundamentals will teach you how to permission them.

Livelink's pages when it shows up in a user's browser such as your search results all that beautification,anesthetization is acheived by CSS.It also has Jquery loaded in the page.You can look at the source of the search page and do some gimmicky customization as well.

I show an example here to a user who could not understand livelink permissions and wanted to customize livelink

http://livelink.in/to-jquery-or-not-to-jquery/

If I were you I would role play with users/groups and the right permissions set to achieve what you want

Well, if I called the wrong number, why did you answer the phone?
James Thurber, New Yorker cartoon caption, June 5, 1937
Certified OT Developer,Livelink ECM Champion 2008,Livelink ECM Champion 2010

http://www.tek-tips.com/faqs.cfm?fid=2884

http://www.linkedin.com/in/appunair

http://www.livelink.in

 

[shtali]

Hi,
Thanks for your explanation.
I think the challenge is more fundemental than that:
Imagine a user who has only SEE permission on a file but no permission on the folder where the file is in. When performing a search, he will not see the file because he doesn't have permissions on the father-folder.
And if he does have permissions on the father-folder, he will see the file with no option to disclose the file name even if the "Edit Attributes" is un-checked for this user for this file..

Shai

 

[appnair]

that is not how search works every object is treated as an individual entity and has its OWN ACL
Nowhere is hierarchy considered like your father clause.
in you eg. if Enterprise:No Perm folder:File if they have respective dataids 2000:7890:9987
if the user X is searching on the scope starting at Enterprise for a term such as the otregion name "file"
the serchengine returns without any understanding of permissions all objects that are in livelink under the scope
The livelink server then says has File (9987) can be shown to X but :7890 cannot
so the effect in the GUI will be like 9987 will be shown but no bread crumb or location back.It will appear like hanging on its own.




Well, if I called the wrong number, why did you answer the phone?
James Thurber, New Yorker cartoon caption, June 5, 1937
Certified OT Developer,Livelink ECM Champion 2008,Livelink ECM Champion 2010

http://www.tek-tips.com/faqs.cfm?fid=2884

http://www.linkedin.com/in/appunair

http://www.livelink.in

 

[shtali]

That is what I expect it to do but It doesn't. I will re check again all my permissions and groups to verify.
Thanks!

 

[appnair]

I just tested what I said and you should know some basic things that will throw you off.
One when you are role playing you should use two different browsers say Firefox for one user and IE for another users
Browsers of the same kind share cookies
Here's how I tested that
I created a hierarchy Enterprise:Upstream:Norway
I took a user called lledms I put a file called something.xml in Norway.
I removed everything except on the ACL owner,group,other only lledms has S,SC on teh file
I removed lledms from the parent folder
I went to enterprise and searched for "something"
I found something.xml not traversable in the GUI nor is the parent available

Now in my case LLEDMS is a user with no SA privs enabled,iF SA privs are enabled then it is an automatic bypass
Livelink treats SA as everything can be seen/shown so no ACL checks will happen

Well, if I called the wrong number, why did you answer the phone?
James Thurber, New Yorker cartoon caption, June 5, 1937
Certified OT Developer,Livelink ECM Champion 2008,Livelink ECM Champion 2010

http://www.tek-tips.com/faqs.cfm?fid=2884

http://www.linkedin.com/in/appunair

http://www.livelink.in

 

[shtali]

Hi
Thanks! I tested your scenario and it is working, but I need to give the user only SEE (not SC)... and then it doesn't work..
In addition, I need to be able to hide the NAME of the file from this user... and it doesn't work too.
Thanks for your efforts.

Shai

 

[appnair]

NAME is a region called OTNAME well search regions cannot be permissioned by livelink ACL so if that is indeed your requirement some of my suggestions are

1)use Jquery to strip what you do not want
2)Instead of using livelink search skin the page with custom search.Search is an inbuilt api to the engine and it looks like they are part of each other,but in reality search is separate and oscript uses the API as well.Several examples can be obtained at the KB.You would look for XML search API or Search API.You can then present your results with a XSLT removing what you do not want.Although I sound liek a lot of programming it is one of the easiest ways you can come up with a customized search.I learned all my search things from this example

http://www.tek-tips.com/faqs.cfm?fid=3552

3)Before delivering the results to your browser you would use Oscript and perhaps a NodeFilterCallback to trim what you do not want somebody to see.It would need active development though:

Good luck

Well, if I called the wrong number, why did you answer the phone?
James Thurber, New Yorker cartoon caption, June 5, 1937
Certified OT Developer,Livelink ECM Champion 2008,Livelink ECM Champion 2010

http://www.tek-tips.com/faqs.cfm?fid=2884

http://www.linkedin.com/in/appunair

http://www.livelink.in

 

[shtali]

Ok. Thank you very much. I will try it out.

 

[Emptynext]

Items with 'See permission' are never returned.

from the OpenText site: Article Number: 12741196 in the indexing forum.. ( need access to the extranet.)

Users with "See" permission can see an item inside a container, but cannot access its contents. Because Content Server Search generates summary and key phrase metadata based upon the contents of an object, if a user with "See" permission could access the summary of the contents of a document or other object, this would be a security problem. In order to view an object on the search results page, "See Contents" permission is required. Content Server has no means of displaying search results to users with only "See" permission for objects.

This issue has been reviewed by Product Management, and no changes will be made to this functionality at this time. This decision is on the basis that allowing users without "See Contents" permission access to to an object in a Search Results list would require that the user also have access to the content of the object in order to display the Summary information.

A feature request has also been submitted to Product Management to reconsider allowing users with See permissions only to view those objects in the search results.