1 person found this helpful
This is not acheivable. If you need strict proof that the values have not been tampered with, you'll have to use cryptography (digitally sign your metadata and have your downstream application reject files lacking signed metadata).
In an XMP Schema, elements can be marked as internal or external. Applications which handle XMP metadata use the schema to display internal elements as read-only and external ones as read-write.
If there's no schema for a specific element, it's assumed to be external. Unless you can write a schema in such a way that inDesign can read it (and I don't know if that's possible), it's going to assume your XMP data is read/write...
If you explain WHY you want to make your metadata read-only, we might have other suggestions to achieve your goal...
Thanks for the responses!
As for the why: I'm working on creating a version control system for InDesign documents. When a document is checked-in, the version control metadata (unique ID, check-in status, etc...) is stored in the document. It seemed like storing this data in the XMP would be a logical choice as it is easy to read/write and possible to extract without InDesign server on a machine w/o InDesign loaded (though I'm not sure we'll actually need to do that). The desire for read-only is to try to prevent a user from accidentally or purposely clearing these tracking values which would corrupt the version control workflow.
So I guess a new question is: is there a better place to store metadata about a document other than in the XMP blob where it is accessible via ExtendScript but not editable (or even viewable) by the user.
If it's important, give up on it being non-editable, because the user can always write a script.
Ideally you can get the document's UUID out somehow, and use that as an index to a table you store in your VC system...
You can always mirror a not-necessarily-valid copy in your XMP metadata (or cryptographically sign it, as above).
You can use app.activeDocument.insertLabel(), though.
Again, anyone can trivially get to it from the scripting API...
You could also write a plugin...
OK, thanks for the response. Ultimately I got my answer: no, there isn't an easy (or even hard) way to make XMP nodes read-only. I will stick with the XMP side and if the user messes with it, that's their own fault. In my case, it won't actually mess up the system, it will just mess up their work and they could lose some pending changes.
John pretty much covered it.
You have three options that I can see:
1) You can write a plugin. That's the only way you can create truly private data in a document.
2) If writing a plugin is beyond you skill-set, you can try APID. APID has a setDataStore() and gettDataStore() method which can save private encrypted data. Unless the user has your key, they will not be able to get to that data.
3) You can use insertLabel() and extractLabel() which is somewhat hidden in an InDesign document, although both the key and the data is written to IDML. insertLabel() is limited to strings, but you can serialize just about anything...