CDI Blog

Search
  • Kyle Knebel

Consultant's Corner: Entry Access Rights Searches



This month’s Consultant’s Corner article focuses on the search feature, Advanced Searches on Entry Access Rights. This search feature was first made available in version 10.3. Below CDI’s Software Trainer, Kyle Knebel, will walk you through how to locate entries with specific Entry Access Rights directly assigned to them.


*Please note, these searches do not return entries that inherit the specified entry access rights.


Let’s begin.


An Advanced Searchis accomplished by using the Search Syntax box in the Windows or the Web client. Security searches are not currently available in the User Interface (UI).


Web Client:



Windows Client (check the box to Include search syntax in query):




Here are four example searches that might be useful:


1. Finding entries where trusteename has security assigned to them (or denied to them). This search uses trusteein order to find all entries where the user is explicitly assigned.


For example, let’s find entries where the user Jane is explicitly assigned to entries. The syntax would be:


{LFACE:trustee="Jane"}


Or, let’s find entries where the group LFUsers is explicitly assigned to entries. The syntax would be:


{LFACE:trustee="LFUsers"}










Finally, if you wanted to find all entries where an entry access right of either Allow or Deny is explicitly granted the syntax would be:


{LFACE:type = “*”}


2. Finding entries where security is allowedor denied to a user or group. This search uses trustee and typein order to find all entries where an entry access right is either allowedor denied.


For example, let’s find entries where the user Jane is explicitly denied on entries. The syntax would be:


{LFACE:trustee="Jane", type="Deny"}


Or, let’s find entries where the group LFUsers is explicitly allowed on entries. The syntax would be:


{LFACE:trustee="LFUsers", type="Allow"}


3. Finding entries explicitly assigned with the specified scope (regardless if allowed or denied). This search uses scope to find entries with the indicated scope(s).

There are nine scope types available. The most commonly used is all, which will find the scope of This folder, subfolders, and documents. The syntax would be:


{LFACE:scope = “all”}


Or you can use notthisentry, which will find the scope of Subfolders and documents only. The syntax would be:


{LFACE:scope = “notthisentry”}


Here’s the list of all the scope types available in this search syntax:


documentsonly: Documents only

thisentry: This entry only

folders: This folder and subfolders

foldersonly: Subfolders only

immediate: This folder and its immediate children

immediatechildren: Immediate children only

immediatedocuments: Documents that are immediate children only

notthisentry: Subfolders and documents only

all: This folder, subfolders, and documents


4. Finding entries where a trustee is granted or denied any combination of rights.

To find entries that are assigned both the Browse right and the Read right, and that may also have other rights, the syntax would be:


{LFACE:rights = “BrsRea*”}


To find entries where the explicitly assigned entry access rights are anything other than exactly and only the Read and Browse rights (entries with explicitly assigned rights in addition to both the Read and Browse rights will be included in the results) , the syntax would be:


{LFACE:rights <> “BrsRea”}


To find entries where users who are not the ADMIN user have not been explicitly assigned any rights, the syntax would be:


{LFACE:rights = “---“, trustee<>”ADMIN”}


Here’s the list of all the three-character strings available in this search syntax:


brs: Browse

rea: Read

mcn: Modify Contents

ada: Append Data

del: Delete Entry

ren: Rename

dpg: Delete Document Pages

san: See Annotations

ann: Annotate

red: See Through Redactions

wme: Write Metadata

crd: Create Documents

crf: Create Folders

rac: Read Entry Security

wac: Write Entry Security

cow: Change Entry Owner

srd: Set Last Review Date

frz: Freeze/Unfreeze

evt: Set Event Date

cls: Close/Reopen Folder

---: (three dashes) indicates that no rights have been explicitly assigned.


Thank you, Kyle!


Be sure to try out these unique searches the next time you want to find entries based on which trustees have entry access rights assigned to them for an entry, the specific entry access rights involved, whether the right is allowed or denied, or the scope of that right. We’ll see you next month!

26 views
news, knowledge, updates, tips & tricks, and more >

Subscribe

Departments

CDI_Blog_Icon_match_50x50.png

Connect with Us

  • Facebook - Grey Circle
  • Twitter - Grey Circle
  • YouTube - Grey Circle
  • Grey LinkedIn Icon

Services & Solutions

Connections

About Us

2000 O'Neil Road #150, Hudson, WI 54016  |  © 2020 Cities Digital, Inc. All Rights Reserved