Doesn't the operator role do that for u?
i mean in de DIH, under Administration, usergroups, u can create a new group or edit an existing one.
in our case the operator can view everything but he cant create, edit or delete things
you just have to assign it to every user u have.
Hope it helps
we do have operator role configured and we have assigned same to application team users, still we have noticed changes in topic metadata, that's the reason thought if we could enforce restrictions to topic in other way.
if you could please help.
i think i get it, but if not , its still usefull
To really have just read rights i created a new categorie named ReadOnly,
After that i created a new usergroup ReadOnly where the option "select specific categories to grant read and or write permissions" is selected and only the ReadOnly group is added as read.
The privileges are all standaard except create edit and delete, there i only choose Monitor. if u dont clear these u can still alter any topic. After that i get the following message under the header after opening a topic. "Details are displayed in read only mode."
the only thing is in my configuration i haven't added categories to any of the topics. so at this point i cant alter any of them with a useraccount. because i cleared the edit,create and delete options.
So the correct way would be assigning the ReadOnly Categorie to all topics which u dont want changed. and every user needs to be part of the usergroup where the ReadOnly category is added as read, in this case u dont have to remove the create, delete and edit options of the usergroup because the the category only has read rights.
so in essence creating a category and setting specific rights in a usergroup with the
"select specific categories to grant read and or write permissions" would solve the issue IF the category was added to the topic.
I hope it helps