Hello Vincent,
Couldn't it be saved server side and evaluated server side but also sent to the client (but not synchronized)?
That way, the Client could render everything fine and even if one tries to tamper with the pbReadOnly-state, the "real" state (saved server-side) is not changed.
Could alternatively result into using 2 properties - one for the appearance and one for the security.
Right now having to double check every form is not pleasent.
Besides, do you only have to validate fields that are in the view?
Isn't it possible to set values via JSON only (using the DDO-Synching)?
Or will such an attempt run into errors?
E.g: A View that only shows the User.LastName (via DEO) as a cWebForm.
But (I guess?) you could change the User.FirstName of the synched DDO as well, couldn't you?