Setting users rights at the record level

[rbross]

Hello,

BO name is Category. I need to restrict access to only selected categories by admin for each user.
I tried a peer many relationship from RegularUser to the Category BO and used the operation Add Reference to selected categories, but that only worked while logged in once I logged out and back in again all references were lost.

I am thinking maybe I need to select the users that have access to the category instead of categories users have access to?
Once categories have been selected for a user when the user opens the category query they will only see categories they have been given access to.

[BenHayat]

I'd add another attribute of your own that indicates who has access to such record and filter accordingly. You could use a specific value, i.e. Admin or manager or user or you could use an integer value that you can filter based on range.

[rbross]

I'd add another attribute of your own that indicates who has access to such record and filter accordingly. You could use a specific value, i.e. Admin or manager or user or you could use an integer value that you can filter based on range.

Wouldn't that just allow one user access to that category?
I need to be able to assign multiple users to a category.
If I have a peer many relationship back to the RegularUser BO would that work or do I need a separate BO like a Xref BO that shows who has access to what Categories:?:

[BenHayat]

I need to be able to assign multiple users to a category.

Are you saying you want to restrict it to, i.e. Ben, Mark and Roger?
then you need to control it based on "certain" users, you need to create another BO as a xref that allows specific users to that category. And your system needs to check against xref, if exists, it is allowed.

[rbross]

OK, thought a Xref BO might be needed.
I'll set that up and let you know how it works. Thx

[rbross]

then you need to control it based on "certain" users, you need to create another BO as a xref that allows specific users to that category. And your system needs to check against xref, if exists, it is allowed.

Ben, Got it working except for the filter on the query.
Can I use IF EXISTS in a query or do I need to call a process and use the IF EXISTS, not sure how to write this statement? I need to display the query based on what Categories they have access to. I have a query to display the Categories but right now it just shows them all, the query still needs to be filtered.

[BenHayat]

then you need to control it based on "certain" users, you need to create another BO as a xref that allows specific users to that category. And your system needs to check against xref, if exists, it is allowed.

Ben, Got it working except for the filter on the query.
Can I use IF EXISTS in a query or do I need to call a process and use the IF EXISTS, not sure how to write this statement? I need to display the query based on what Categories they have access to. I have a query to display the Categories but right now it just shows them all, the query still needs to be filtered.

I've only used EXISTS in BO rule and not query. But in reality, you need to filter the xref BO. For example, your Xref BO will have two attribute, the user Ref and Cat Ref. and you need to add Shortcuts from category and user in the Xref. Now you will filter xref for a specific category and user and if the user has access to that category it will be on the list.

But the key is when you create that xref, is when you are giving that user access to that category. That's the important step.

[rbross]

Never mind I figured it out:

The query looks like this:
FIND PWMasterCategories WHERE EXISTS PWCategoryAccess WHERE (PWCategoryAccess IN PWMasterCategories.pm_PWCategoryAccess AND PWCategoryAccess.UserLogInName=LoggedInRegularUser.LoginName) ORDER BY PWMasterCategories.Category

[BenHayat]

Excellent.

[rbross]

Excellent.

When I first started AwareIM that expression would have made no sense to me... Now it actually makes sense

AwareIM' motto should be KISS... "Keep It Simple Stupid"