Security

It's important to note that the user can only search within the records that they have access to view. Any records that are returned from the search that the user cannot access for security reasons will be omitted from the result. 

There are two levels of security being applied here: 

  • On the one hand, a check is made to see whether any single result from the search is accessible to the user based on the roles with which they are configured. If they are not allowed to see that record then it is skipped and the next record in the result is reviewed. 

  • Secondly, any result that is clicked on will be checked again to see if the user has appropriate rights to view that record. This security is also applied when links to a record are sent to a different user to ensure that they have access to that record. 

This is a vast improvement on the security you would get by using a third-party search engine. In those all records available in the database will be indexed because the crawler will view the application as a website without any concern for individual access restrictions. Because WorkflowFirst understands the database and the way users have been granted access, it can be far more diligent about ensuring that the search results do not breach the access rights granted to them.


Next Topic:
v4.2.0.956 (beta)
Up Since 2/29/2024 12:02:23 AM