Comment on page

Form fields

Overview
You can control access to specific form fields based on the user user's roles.
Using and accessing roles
The $fr-roles XPath variable can be used in formulas controlling whether a field or section is visible or readonly. $fr-roles contains the list (as an XPath sequence) of roles of the current user, if any. Each role is represented as a string.
You can make a control non-visible to the current user by defining a visibility expression that returns false(). If the control is visible, you can make it readonly to current user by defining a readonly expression that returns true().
Examples
The following "Visibility" expression makes a section visible only if one of the roles has value admin:
fr:user-roles() = 'admin'
Due to the logic of XPath comparison on sequences, this expression returns true() if at least one of the roles is admin, even if there are other roles available.
NOTE: Until Orbeon Forms 2016.1, use the following instead.
$fr-roles = 'admin'
See also
​Setup users for access control - How to setup Orbeon Forms so that users and roles are provided.
​Login & Logout - Optional user menu for providing links to login and logout functions.
​Access control for deployed forms - How to control access to deployed forms.
​Access control for editing forms - How to control access to Form Builder.
​Owner and group member permissions - Access based on ownership and groups.
​Organization-based permissions – Access based on organizational structure.
​Token-based permissions - Token-based permissions
​Scenarios​

Deployed forms

Editing forms

Last modified 7mo ago