Reveal Existence feature
The purpose of this feature is to display a message that tells a user they cannot view a record because of insufficient permission.
The Reveal Existence feature works in conjunction with the security context feature. You may want to review the Hiding records topic in the Creating a security model section.
The feature is managed by a Web server site configuration setting, the Allow Dynamic Forms Groups, which specifies which groups can use the feature. The feature is available if you are a member of one of those groups. To get permission, you can ask an administrator for the privilege or see the Applications Options Page topic to set it up.
This feature allows an administrator to define a set of record types for which the new message
will be reported via setting a master property VIEW_RECORD_REVEAL_EXISTENCE
. The
master property can be DB Set specific. See the installutil setmasterproperty topic for more information.
installutil setmasterproperty 2.0.0 admin "" VIEW_RECORD_REVEAL_EXISTENCE "record_type_1;record_type_2;record_type_N"
-all
to indicate that this applies to all record types:
installutil setmasterproperty 2.0.0 admin "" VIEW_RECORD_REVEAL_EXISTENCE "-all"
Currently, if a user has no access to a record due to a security context, a record not found message is displayed. The same message is displayed when the user looks up a record that does not exist.
When this feature is enabled, the following message will be displayed, Insufficient privilege to view record 'XYZ', if the record exists but the user cannot see the record because of security context.
This feature will avoid potentially confusing situations when Privileged Queries feature is being used. When a regular user tries to open a hidden record from a result set produced by a privileged query, the user is informed that the record does not exist, which is not consistent with what it is shown in the result set.
When this feature is enabled, a regular user would instead be told they do not have privilege to view the record.
The Reveal Existence feature allows to inform the user that they do not have enough privileges to see the record because of the security context, instead of being told that the record does not exist.
For more details, see also the Privileged Queries topic.