We have an application with a couple of encrypted fields. When a user opens the document for viewing, they have an action/function to view the encrypted fields. This works via a Dialogbox. As a result of using this function, a line is added to a history log as we want to track users viewing this sensitive data. All is good until we save the updated document.
It saves, but it is not encrypting the data. We have gone so far as setting IsEncrypted=True on the fields that need to be encrypted. We have set the name of the Encryption Key to use. These are being set fine. We call doc.Encrypt. But when we go to save, we receive "cannot encrypt NotesDocument when instantiated from NotesUIDocument".
No matter how we go about accessing the notesdocument, we receive the error message when we save.
To complicate matters, we cannot set up the encrypted fields to use a specific encryption key because there are many instances of this db application and each instance's encryption key can be uniquely named. We have tried to instruct people to use the same key name, but we cannot enforce it. Because we are working in an environment where we rely on server/Notes admin to deploy the db designs, we cannot ask them to change the Form settings at the time of deployment. Due to the nature of the data, we cannot give the Notes admin the secret keys to sign any agents such that we run them on New & Modified documents. I'm sure there are other nuances and hurdles I've not mentioned here..
Does anyone know of any workarounds that will allow us save a uidocument AND encrypt the data? uidoc.Refresh is document as being the equivalent of @Command([ToolsRefreshSelectedDocs]), however, we've yet to see that be true. If I view the secret data, save the document, return to the view and run the aforementioned @Command, the data is encrypted. We cannot count on users to use this second function after viewing the information. They would also argue that the moment between viewing and refreshing would be a window of a security exposure.