Developer forum

Forum » Feature requests » Item Creator read only pages

Item Creator read only pages

E-mail notifications
Hans Ravnsfjall
Hans Ravnsfjall
Reply
Posted on 18/06/2020 11:20:29

In relation to Item Creator, it would be a nice feature if the items that were created, are read and delete only items.

The reason being, that item creator makes sense in a context where others than the website owner, are the ones creating the items. And in some cases, we don´t want it to be possible to alter the content created by the Item Creator.

In our specific case, we have costumers who need a forms solution, but the forms module won´t do for several reasons.

Partly because they want to be able to print the forms "applications" in a neat and styled way, but at the same time - they don´t want to send sensitive information in an Email. They want to keep behind a login in an environment that they have somwhat control over.

 

The Item Creator sort of makes this possible, but the editors need to be able to delete form applications, as they don´t want to keep private info longer than needed, but at the same time - the editor should be protected against being able to change the data in the form applications.

setting an item to "readonly", and thereby inactivating all fields could be one way to solve this?

/Hans

 

 

 


Replies

 
Nicolai Pedersen
Posted on 18/06/2020 13:19:46
Reply

You can use forms to send the link to a receipt (avoiding sensitive information in the mail) - and the receipt will hold the information and do that behind extranet login. The receipt can then use whatever template(s) to render its content in various ways - even in a PDF if needed.

 
Hans Ravnsfjall
Hans Ravnsfjall
Posted on 18/06/2020 14:04:58
Reply

Hi Nicolai.

Would that be the page after submission page? Or how do i decide where the receipt will end up?

/Hans

 
Nicolai Pedersen
Posted on 18/06/2020 14:31:48
Reply

The receipt is on the same page as the form - as a general rule. you will see /formpage?s={submitToken}

You can have the form in one page, and show the submit on another page if you wan - and simply re-use the submit token: /showReceipt?s={submitToken}. Just remember to add the forms module to that other page. It can either be page after submission OR you can just hardcode the link in the template - if you use page after submission the user filling out the form will also be redirected to that page. You might not want that - only the person clicking the link in the template.

Then you can also overwrite the receipt template - default receipt template is taken from paragraph settings of the forms module - but you can override the template using a parameter like this:

/showReceipt?s={submitToken}&formSubmitConfirmationTemplate=otherreceiptTemplate.cshtml

You can also combine that with overwriting the layout template (i.e. if you want to render a PDF or a totally different layout:

/showReceipt?s={submitToken}&formSubmitConfirmationTemplate=otherreceiptTemplate.cshtml&layoutTemplate=pdfLayout.cshtml

And then you can combine it once again with pdf=true to actually generate a PDF:

/showReceipt?s={submitToken}&formSubmitConfirmationTemplate=otherreceiptTemplate.cshtml&layoutTemplate=pdfLayout.cshtml&pdf=true

BR  Nicolai

 

 
Hans Ravnsfjall
Hans Ravnsfjall
Posted on 22/06/2020 15:54:10
Reply

ok, thank you Nicolai - but isn´t there a risk that sensitive info could be exposed publicly, if someone gets access to the token? Or is there a way to have the public forms module never show any info in a receipt, while the one that is locked behind extranet or backend login can show the info?

/Hans

 
Nicolai Pedersen
Posted on 22/06/2020 16:57:29
Reply

If you remove the template for the receipt on the public page - or create a version with no tags in it, it will not show anything. Also the token is pretty random and is therefore almost as secret as the username.