If a user has the right to edit a page then he can see all the property values of objects attached to that page.
I will look into the hole confidental data thing
i worked at company where they used hidden properties as well. In IBM Lotus Notes, client versions 5 till 7 The same trick was widely used by everyone. It was good - for really doing one's work one had to know more than bare minimum. But it was security breach nonetheless. It looks like IBM/Lotus could not implement per-property visibility. And probably it is rather hard to implement it in doc-flow systems at all. -- View this message in context: http://xwiki.475771.n2.nabble.com/Inventory-Macro-tp7580719p7580727.html Sent from the XWiki- Users mailing list archive at Nabble.com.