I'm working at a client who got publisher but there is a document that has section access but they use the option of data reduction based on section access
so far the security is working fine however yesterday they encountered a case where a developer had to reload this document while users have the dashboard opened in their browsers and some users saw data that they are not allowed to but when these same users closed and opened the browser session everything was fine
is there a risk with the option of making data reduction based on section access?
is it true that if a user is viewing the dashboard while a reload finishes (s)he might see restricted data?
please advise as I have to answer what might have happened!!
Section Access worked only by opening an application. If there any possibility to reload an opened application all data without restrictions will be available. I think there are 3 general approaches for this:
- avoiding reloads (there are options within the application and the server)
- modify the load-statements (always in context to the user rights)
yes this is what I recommended ; to use publisher power to reduce and distribute and loop field in document
but I need to find an answer of why that use saw data that he is not supposed to then after reopening the browser everything went right afterwards
I mean does reloading an open application makes all the data visible to users unless they reopen the application so that reduction takes place on opening event?
With section access each reloading/refreshing from open applications should be avoided then it worked only by opening an application. I assume that in your case some options wasn't set properly so that a refreshing from the data was possible. But which one - I don't know. Have a look on the document properties within the tab server ...
