Feature Proposal: Set permissions for DataForm fields

Motivation

It would be very useful, if there is a flexible and comfortable way to add permissions to DataForm fields for editing and viewing.

Description and Documentation

It would be great, if we could define permissions for DataForm fields. So that for specific groups or users some DataForm fields get available and some not. Does somebody know if this could be possible?

Examples

Impact

WhatDoesItAffect:

Implementation

-- Contributors: SvenHess - 21 Sep 2010

Discussion

Problem is you can always view the content of a field using ?raw=debug, so you can't control view security.

As for edit security, you could probably make a plugin to do it. To compare, MetaCommentPlugin is able to protect %META:COMMENT{..}% metadata (a custom meta type) via new ALLOWTOPICCOMMENT, DENYTOPICCOMMENT, etc. permissions separate to existing VIEW and CHANGE controls. I also seem to recall that WorkFlowPlugin does more advanced ACLs on who can transition some formfield state from state to another.

I hope my work on NestedFormsPlugin will be available in svn some time next month. This is a thing that shows a table/grid/linear view of many topics nested (from UI point of view) inside a container field of another topic. Now, if you wanted proper view/edit ACLs, you can do it because the field is actually made of separate topics that can have their own ACLs separate to the containing topic.

-- PaulHarvey - 21 Sep 2010