Writing Rules to Secure Attachments

When you have determined the location of the header and, if needed, detail file, you can write a rule against the file in the same way you would write any other rule.

Example: Grant all access to members of a group

For example, if the file containing the attachments is L_HEMP, select this object from the Object Viewer under files. (In this case, the Object Viewer contains an object called L_DEMP. This is the detail file, Do not write a rule on this object. It will be secured automatically through the L_HEMP rule.)

The following rule allows only members of the Marketing department to see the attachment data file, L_HEMP.

if(user.isMemberOf('Marketing'))

'ALL_ACCESS'

else

'NO_ACCESS'

Form clip: Example rule securing attachments

You could also write a conditional rule to grant access to particular actions, such as, "Inquire." A user could then view existing attachments but could not update or delete them.