ArcGIS Pro Can Edit Hosted Feature Layer View w/ Editing Disabled

DanAllen · ‎11-19-2024

I noticed something very alarming in ArcGIS Pro 3.4. I have a hosted feature layer in ArcGIS online, from which I created a view layer, and then shared the view layer to a group with an outside organization. The original hosted feature layer and the view layer have all editing disabled. When someone in the outside organization adds the hosted view layer to ArcGIS Pro, then can edit, delete, and save the data. Edits make their way back to the original hosted feature layer. Again, all editing has been disabled. Did I miss something incredibly basic here, or is this a critical bug that needs a fix?

Any help would be appreciated.

Eugene_Adkins · ‎11-19-2024

Just some food for thought because I don’t know what role your user account is assigned (administrator or lesser).

One, was the original hosted feature layer originally created with edit capabilities or view only? If so, maybe the layer needs to be overwritten with non-edit capabilities.

Two, were you the original user to publish the original layer, and if not maybe your user account does not have the ability to override the original setting which reverts back once the layer is shared beyond yourself.

From your description it sounds as if you were the original publisher but these are just some ideas that may cause you to think of something else by chance it’s not a bug. I’m not able to do any personal testing because we’re not using Pro 3.4.

DanAllen · ‎11-20-2024

thanks for the reply. to eliminate the admin role override, I was able to edit the hosted feature layer view with editing disabled using a member of the outside organization that was in the shared group, that was only assigned the role of "user".

ChristopherCounsell · ‎11-19-2024

No, they should not be able to edit. Can you share more context?

How is the group and external user set up?
Are you certain that this user is in Pro and does not have admin/ownership access? Need to check user account signed in and workflows
Does this occur outside of ArcGIS Pro (i.e. via REST or web map)?

Pro doesn't have magic permissions to make edit requests. At face value I'd assume it's more likely that the user has owner/admin rights on ArcGIS Pro and this is being overlooked somehow.

If you are extremely confident that the user is outside the org, editing is disabled, and that the outside user is the one making the edits, it may be that layerOverrides are enabled on the layer. This is something you usually have to do intentionally so I'd be surprised to see it.

Go to the layer being accessed
Open the service url
Click admin in the top-right
Click on JSON, or the layer being edited then JSON
Scroll to the bottom and look at layerOverrides.

If it looks something like this, you could have a) capabilities overridden and b) editing in these overridden settings

      "capabilities" : "Query,Extract,Sync,Edits", 
      "exceedsLimitFactor" : 1, 
      "layerOverrides" : [
        "capabilities"
      ]

if layerOverrides isn't in the JSON and if it is, capabilities aren't listed, then no editing should be as shown on the item settings.

DanAllen · ‎11-20-2024

Thanks for the feedback. The JSON capabilities is only set to "query". Although further down "allowgeometryupdates" is set to True. But I dont know how that is possible.

To eliminate the admin role override, I was able to edit the hosted feature layer view with editing disabled using a member of the outside organization that was in the shared group, that was only assigned the role of "user".

Stephanie_F · ‎11-20-2024

Hi @DanAllen I strongly suggest an Esri Technical Support case to take a deeper look at this if possible https://support.esri.com/en-us/contact