I know it's possible in Fabrik to filter a list based on a users relationship to that list and hence only allow them to see records that pertain to them. What's to prevent a user from accessesing an unallowed record by simply typing in the URL directly, like this?
index.php?option=com_fabrik&view=details&formid=26&rowid={whatever row I so desire}
In other words, how do you control access at the record level? I know you can do it somewhat using the viewlevel element plug-in, but that wouldn't be a practical way to limit users to only their own records, since you'd have to have a separate user group for each user.
Some enlightenment would be very helpful. I suspect I'm just not thinking this through correctly.
index.php?option=com_fabrik&view=details&formid=26&rowid={whatever row I so desire}
In other words, how do you control access at the record level? I know you can do it somewhat using the viewlevel element plug-in, but that wouldn't be a practical way to limit users to only their own records, since you'd have to have a separate user group for each user.
Some enlightenment would be very helpful. I suspect I'm just not thinking this through correctly.
