Form Access Control

Each time an instance of a form is created, the instance is given an unique URL. The URL of the form instance can be copied or bookmarked to be revisited later. The URL could also be copied and sent to other users. There may be times where you want to limit access of the form.

This is an example on how to create a simple form that only allows the owner to access the form. It requires the use of the following modules:

  • ETL
  • Workflows
  • Forms

Create ETL

In the ETL module, create a new ETL chainset named FormAccess and define two ETL chains.

Setup the two ETL chains as per screenshot.

The first ETL chain init has only one ETL step Current User Id that puts the current user ID into elxPrivate.elxAccess. The elxPrivate.elxAccess field can be either:

  • Not present (default/existing behaviour)
  • A User ID string (limits access to a particular user)
  • An array of User ID strings (limit access to a group of users)

In this example, the form is limited to the current user.

The second ETL chain submit places the values of name and address fields into elxPublic. These two fields tallies with the fields in the form that is to be created later.

Remember that data in elxPublic is sent to the browser, whereas data in elxPrivate is retained only on the server side.

Create Workflow

In the Workflows module, create a workflow, using the desired dataset collection and the ETL chainset created above.

In the workflow, add a submit transition that loops the “Running” state and select the submit ETL in the “OnTransition” field property. For the starting transition, in the “OnTransition” field property, select the init ETL.

Create Form

In the Forms module, creates a simple form with three components, namely a Text Input, a Text Area and a Button Bar.

Setup the components as per the screenshot below.

Testing Form

Run the form with the workflow created earlier. The form will appear in a separate tab.

Copy the URL of the form from the address bar. Close the tab and open another tab. Paste the URL onto the address bar. As the user is the current user (recorded in the init ETL), the form should appear.

Log out and log in as another user. Open a new tab and paste the same URL onto the address bar. An error message will appear.

The init ETL step prevents other users from accessing the form even through they have the URL of the form.

Next: Internationalisation