We have a requirement where users should not be allowed to delete any data from the schema. We have restricted the users with 'Delete data' option in folder properties. But users are still able to delete using query & update data activity in the workflow.
Is there any way to restrict deletion?
Its not a bug its a feature. We have the same setup while on workflow i can remove the entire instance if i please.. but in the explorer i cannot remove a single thing.. maybe its a product related and not the setup itself.
But additional to folder restrictions you might set up the sysfilters on schemas maybe that way the update activity will throw an error
Also you can add another enumeration which is used in update data where you will not add delete.
the used enumeration is in nms:workflow ---> operation type
<enumeration basetype="string" default="insertOrUpdate" name="operationType"> <value label="Insert or update" name="insertOrUpdate"/> <value label="Insert" name="insert"/> <value label="Update" name="update"/> <value label="Update and merge collections" name="merge"/> <value label="Delete" name="delete"/> </enumeration>
Then in the FORMS you will just feed different enumeration based on rights?
<container type="visibleGroup" visibleIf="GetLinkCardinality([../@schema], @dstExpr)==0 OR @dstExpr=''"> <input enum="xtk:workflow:mergeType" label="Merge type" type="sysenum" xpath="@operationType"/> </container>
Ok i did not know, but when you second that with sysfilters on schemas it should do the job. Or not i do not see delete sysfilter in the docu
Or you can change the drop down values based on rights? Edited the answer
Hi, On a product standpoint, the path forward to control data CRUD remains the combo folder restriction + sysfilters. Sysfilters needs to apply on each schema/table and then could impact overall queries performance. On top of this, admin users cannot be blocked. admin is by definition such level of user with total control on the instance.