
Security and Permissions

Advanced Forms is designed with a "Secure by Default" philosophy while offering flexibility for public access and family collaboration.

Authorization Actions

All core entities (Form Types, Form Packs) use Rock's standard security verbs:

  • View: Who can see the form definition in the admin list.
  • Edit: Who can modify the form structure (add questions, change logic).
  • Administrate: Who can change permissions and delete the form.
  • Interact (Critical): Who can submit the form.
    • For a public form, you must grant Interact to the All Users role.
    • For an internal staff form, grant Interact only to Staff.

Permission Inheritance

Security permissions cascade down to simplify management:

  1. Category: Set base permissions for a folder of forms (e.g., "HR Forms").
  2. Form Pack / Form Type: Inherits from Category unless overridden.
  3. Form Entry: Inherits from the Form Type.
    • Special Logic: The Creator (Person Alias) of an entry is always granted View and Edit permissions for their own draft, regardless of role.

Family Sharing

The Shared By Families setting (found on Form Type and Form Pack configuration) changes the default security rules for Drafts.

  • Disabled (Default): Only the person who started the draft can see or edit it.
  • Enabled: Any member of the same Family (with Active group member status) can View and Edit the draft.
    • Use Case: A parent starts a registration form for a child, saves it, and the spouse logs in later to upload the medical release form.
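
The inheritance and draft rules from the two sections above, as an added example: a simplified Python model for reasoning about who can reach a draft, not code from Advanced Forms or Rock. The Node, Person and Entry types, the sample names, and the rule that a level with no explicit grant for a verb inherits from its parent are assumptions for illustration; Rock's allow/deny rule ordering is not modelled.

```python
from dataclasses import dataclass, field

# Simplified model of the documented rules (assumption: not the plugin's real types).
# A Node is a Category, Form Pack or Form Type.
@dataclass
class Node:
    name: str
    parent: "Node | None" = None
    grants: dict = field(default_factory=dict)  # verb -> roles; absent verb = inherit
    shared_by_families: bool = False

@dataclass
class Person:
    alias: str
    roles: frozenset = frozenset()
    family: str = ""
    family_active: bool = True   # Active group member status in the family

@dataclass
class Entry:
    form_type: Node
    creator: Person
    is_draft: bool = True

def effective_roles(node, verb):
    """Walk up the tree until some level defines the verb explicitly."""
    while node is not None:
        if verb in node.grants:
            return node.grants[verb]
        node = node.parent
    return set()  # nothing granted at any level: no access

def is_allowed(person, verb, entry):
    if entry.is_draft and verb in ("View", "Edit"):
        if person.alias == entry.creator.alias:
            return True  # creator rule applies regardless of role
        ft = entry.form_type
        if (ft.shared_by_families and person.family_active
                and person.family and person.family == entry.creator.family):
            return True  # family sharing: active members of the same family
    return bool(person.roles & effective_roles(entry.form_type, verb))

# Constructed sample data (names and ids are made up).
cat = Node("Registrations", grants={"View": {"Staff"}, "Interact": {"Staff"}})
camp = Node("Camp Form", parent=cat, grants={"Interact": {"All Users"}}, shared_by_families=True)
parent_a = Person("alias-1", frozenset({"All Users"}), family="fam-9")
spouse = Person("alias-2", frozenset({"All Users"}), family="fam-9")
inactive = Person("alias-3", frozenset({"All Users"}), family="fam-9", family_active=False)
stranger = Person("alias-4", frozenset({"All Users"}), family="fam-2")
draft = Entry(camp, parent_a)
```

In this model, is_allowed(spouse, "Edit", draft) is True only while shared_by_families is set on the form type, and an inactive family member falls back to the inherited role grants.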

Person Action Tokens (Public Access)

For workflows requiring users to fill out forms without logging in (e.g., references, guest registrations), Advanced Forms supports Person Action Tokens.

How it Works

  1. A workflow generates a link containing a secure token: https://rock.church/forms/entry/123?p=AbCdEf123...
  2. When the user accesses this link, the system validates the p parameter.
  3. If valid, the user is effectively "authenticated" only for the context of that specific form entry.
  4. They can view and edit the entry without a Rock user account.

Use the Advanced Form workflow action to automatically generate these secure links and email them to the recipient.

REST API Security

The plugin exposes several API endpoints for the frontend components. These are secured using Rock's [Secured] and [Authenticate] attributes.

  • Controllers: Located in api/RedeemerTech_Forms_*.
  • Protection:
    • APIs verify Interact permission before allowing a save.
    • APIs verify View permission before returning data.
    • Inputs are sanitized to prevent mass-assignment vulnerabilities (users cannot inject values into read-only properties).