The form/flow visibility feature is integrated with the Access Control feature. Both features open the same wizard where you may specify form/flow permissions or grant view/edit submission permissions to specific users/roles. The form/flow visibility property is discussed here.
Setting Visibility for Forms/Flows
The Live Forms designer can specify the Visibility of a form//flow in two ways:
- Clicking the Forms Home Page or the Flows Home Page. icon on the
- Clicking the on the Form/Flow designer toolbars.
Clicking on either icon displays the same wizard which can be used to set the Visibility of your form/flow. Notice the two dropdown fields: Permission and Visibility.
When Who Can Use the form or Who can use the flow is displayed in the Permission field, the designer can select one of the dropdown choices to specify form/flow visibility. The default value for forms is Private while flows default to Public in Tenant. The choices for form/flow visibility are:
- Private - only the owner can edit, test or use the form. The owner must log in to Live Forms.
- Public In Tenant - the form is usable to anyone who has an account (username/password) and is logged in to your tenant.
- Public - anyone can use it even if they are not logged in.
- Custom - The owning designer always has access to the form/flow. Additionally, the designer may configure selected users and/or roles (i.e. users with these roles) to have runtime access to the form. Custom is not supported for flows because roles and users are assigned to the steps in a flow to indicate who has permission to perform that step.
The Visibility property has been removed from the form/flow properties pane in the designer. You can no longer change form/flow permissions in this manner. When Live Forms is embedded in another product such as Atlassian's Confluence wiki, you do not have access to the icons described above.
The designer can grant form/flow access to explicit users/roles by selecting the Custom choice from the Visibility dropdown. Roles and users can be selected via an editable combo-box control. As the user types, Live Forms will try to find any roles and users in the tenant that contain the typed string. Up to 5 matches are displayed below the combo box. Selecting a role/user from the dropdown inserts the selection into the list.
The Expense Report in the above images can be used by anyone in the tenant with the role of Employee, Manager or Accounting, the user id of the Reviewer and the user Sue. Notice the Reviewer role is encased between curly braces. This is an example of a form template. Templates are like variables in your form that will be evaluated at runtime and replaced with the actual values entered. For templates to work, there must be a control in your form with the name given inside the curly braces.
The user, Jack, who has the role of frevvo.Publisher, is not a Reviewer for anyone in the company and of course, is not Sue, will be denied access to the form. He will see this error:
You can publish any form regardless of whether it is public or private, but if it is private, only the person who created it can edit it or test it. Another user may log in using your ID and password, however, so it is possible to collaborate on a form without sharing it, as long as two of you are not editing the same form at the same time. Two or more people may test the form and view submissions at the same time.
Similarly, if a form is public in tenant, only users with accounts in the tenant will be able to access the form.
A form made public this way is accessible to anyone with the form's Url. There are other methods of sharing forms that have increasingly higher levels of security. See form security for details.
If you have made your form public and users have begun submitting it, you'll need to use caution when modifying your form. If users access it while you are editing it, they will see error messages indicating that the page is being refreshed or that the form is invalid.
You can mark your form private until you are done updating it, which will prevent new users from accessing the form, but if users happen to be completing the form when you switch it from public to private, they will see error messages. A better approach if feasible is to edit the form in a copy of your application running on a staging server. You can then replace the current form with the new form by removing the original application/form/flow from the staging server and uploading the new application/form/flow.
ACL settings,set by the designer, are retained when you download/upload a form/flow/app to another designer user in the same or different tenant and when you copy a form/flow.
The designer can set other permissions, such as who can view/edit submissions for forms and flows via the Access Control wizard. Roles and users that can view the audit trail or be designated as flow administrators are specified through the same wizard.