Discussions

Expand all | Collapse all

Everyone on the Internet bug with Mobile

  • 1.  Everyone on the Internet bug with Mobile

    Posted 03-05-2018 23:27
    I created a single report that can be accessed by the Role Everyone on the Internet (EOTI). The EOTI role was set without the ability to modify records.  But when a user in the role of EOTI access the report via mobile, they are able to access full records from the report and save them. This is not ideal.  What do I need to do to prevent anyone on a mobile device from accessing and modifying all of my records?
     


  • 2.  RE: Everyone on the Internet bug with Mobile

    Posted 03-05-2018 23:31
    Also, the report was created without the ability to view or edit records. But when you load the report on a mobile device you can view and edit everything.


  • 3.  RE: Everyone on the Internet bug with Mobile

    Posted 03-06-2018 15:55
    I have a open internet roll also in internet and it works perfectly.

    Can you share a screen shot of the EOIT user roll setup ? and we can see if there is something wrong in the setup. 


  • 4.  RE: Everyone on the Internet bug with Mobile

    Posted 03-05-2018 23:32
    It�s highly unlikely that there is that gaping hole in security.

    It�s more likely that you are still logged on when you are testing the EOTI Role.


  • 5.  RE: Everyone on the Internet bug with Mobile

    Posted 03-05-2018 23:41
    smh can we delete this thread? My team mislead me.


  • 6.  RE: Everyone on the Internet bug with Mobile

    Posted 03-06-2018 00:09
    Actually, i can't make it go away, you might want to set something up similar to see if there is a glaring hole. The report we've created has no ability to access a record. But all records can be accessed when an EOTI users views the report on a mobile device. I'm going to create a custom form for EOTI users, with only a few fields visible.


  • 7.  RE: Everyone on the Internet bug with Mobile

    Posted 03-06-2018 15:17
    Hi Ringoparr,

    If after confirming that your Everyone on the Internet users and role are able to access these records even though they have no edit permissions I would recommend submitting a support case with our Care Team so they can look at the specific set up to see if they can isolate if this is a bug or if there is a factor in play in your application that could be causing this issue. You can submit a Support Case by clicking on this link and just let us know the specific application and the details of the issue, then the Care Rep can get an invite to replicate the issue and diagnose what might be going on.