https://community.esri.com/t5/arcgis-online-ideas/attachment-privilege-control-in-hosted-feature/idi-p/1290670 <P>I often use views as part of a data review process, where users can flag records as "reviewed" or "rejected" by setting an attribute value.&nbsp; I typically give them access to that field along with a text field for review notes, while disabling adds, deletes, geometry updates, and updates to all other attributes.&nbsp; I'd like them to be able to view attachments but as data reviewers they shouldn't be allowed to add new attachments or delete existing attachments, and I don't believe that's currently possible.&nbsp; The best workaround I can come up with is to hide attachments on the editable view, while exposing a second read-only view with attachments visible (kind of clunky).</P><P>It would also be great to have views configured so that users could add new attachments, but block them from deleting existing attachments.&nbsp; I believe this can be controlled in S123 forms but it would be preferable if it was enforced at the service level.</P> Thu, 18 May 2023 16:07:57 GMT MobiusSnake 2023-05-18T16:07:57Z https://community.esri.com/t5/arcgis-online-ideas/attachment-privilege-control-in-hosted-feature/idi-p/1290670 <P>I often use views as part of a data review process, where users can flag records as "reviewed" or "rejected" by setting an attribute value.&nbsp; I typically give them access to that field along with a text field for review notes, while disabling adds, deletes, geometry updates, and updates to all other attributes.&nbsp; I'd like them to be able to view attachments but as data reviewers they shouldn't be allowed to add new attachments or delete existing attachments, and I don't believe that's currently possible.&nbsp; The best workaround I can come up with is to hide attachments on the editable view, while exposing a second read-only view with attachments visible (kind of clunky).</P><P>It would also be great to have views configured so that users could add new attachments, but block them from deleting existing attachments.&nbsp; I believe this can be controlled in S123 forms but it would be preferable if it was enforced at the service level.</P> Thu, 18 May 2023 16:07:57 GMT https://community.esri.com/t5/arcgis-online-ideas/attachment-privilege-control-in-hosted-feature/idi-p/1290670 MobiusSnake 2023-05-18T16:07:57Z https://community.esri.com/t5/arcgis-online-ideas/attachment-privilege-control-in-hosted-feature/idc-p/1290899#M10107 <P>I created this idea to explicitly have the update capability allow attaching but not deleting photos:</P><P><A href="https://community.esri.com/t5/arcgis-online-ideas/allow-users-to-add-attachments-but-not-delete/idi-p/1290895" target="_blank">https://community.esri.com/t5/arcgis-online-ideas/allow-users-to-add-attachments-but-not-delete/idi-p/1290895</A></P><P>Existing enterprise equivalent:</P><P><A href="https://community.esri.com/t5/arcgis-enterprise-ideas/prevent-users-from-deleting-attachments-if-they/idi-p/1209189" target="_blank">https://community.esri.com/t5/arcgis-enterprise-ideas/prevent-users-from-deleting-attachments-if-they/idi-p/1209189</A></P><P>The only fully functional workaround that is 'secure' is to use a related table with Create to collect records with photos attached to that. However, the photos then become difficult to see in the pop-up as they are not directly attached to the geometry layer.&nbsp;</P><P>I'm not interested in survey form level control as the underlying data is theoretically still exposed, so a user with understanding of ArcGIS Online could go and delete photos.</P> Fri, 19 May 2023 00:19:48 GMT https://community.esri.com/t5/arcgis-online-ideas/attachment-privilege-control-in-hosted-feature/idc-p/1290899#M10107 ChristopherCounsell 2023-05-19T00:19:48Z