Hello,
BO name is Category. I need to restrict access to only selected categories by admin for each user.
I tried a peer many relationship from RegularUser to the Category BO and used the operation Add Reference to selected categories, but that only worked while logged in once I logged out and back in again all references were lost.
I am thinking maybe I need to select the users that have access to the category instead of categories users have access to?
Once categories have been selected for a user when the user opens the category query they will only see categories they have been given access to.
Setting users rights at the record level
Setting users rights at the record level
Roger Ross
AwareIM 8.7 (build 3025) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.5 (build 2828) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.7 (build 3025) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.5 (build 2828) ~ MS-SQL ~ Windows 10 ~
Re: Setting users rights at the record level
I'd add another attribute of your own that indicates who has access to such record and filter accordingly. You could use a specific value, i.e. Admin or manager or user or you could use an integer value that you can filter based on range.
Re: Setting users rights at the record level
Wouldn't that just allow one user access to that category?BenHayat wrote:I'd add another attribute of your own that indicates who has access to such record and filter accordingly. You could use a specific value, i.e. Admin or manager or user or you could use an integer value that you can filter based on range.
I need to be able to assign multiple users to a category.
If I have a peer many relationship back to the RegularUser BO would that work or do I need a separate BO like a Xref BO that shows who has access to what Categories:?:
Roger Ross
AwareIM 8.7 (build 3025) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.5 (build 2828) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.7 (build 3025) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.5 (build 2828) ~ MS-SQL ~ Windows 10 ~
Re: Setting users rights at the record level
Are you saying you want to restrict it to, i.e. Ben, Mark and Roger?rbross wrote: I need to be able to assign multiple users to a category.
then you need to control it based on "certain" users, you need to create another BO as a xref that allows specific users to that category. And your system needs to check against xref, if exists, it is allowed.
Re: Setting users rights at the record level
OK, thought a Xref BO might be needed.
I'll set that up and let you know how it works. Thx
I'll set that up and let you know how it works. Thx
Roger Ross
AwareIM 8.7 (build 3025) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.5 (build 2828) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.7 (build 3025) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.5 (build 2828) ~ MS-SQL ~ Windows 10 ~
Re: Setting users rights at the record level
Ben, Got it working except for the filter on the query.BenHayat wrote: then you need to control it based on "certain" users, you need to create another BO as a xref that allows specific users to that category. And your system needs to check against xref, if exists, it is allowed.
Can I use IF EXISTS in a query or do I need to call a process and use the IF EXISTS, not sure how to write this statement? I need to display the query based on what Categories they have access to. I have a query to display the Categories but right now it just shows them all, the query still needs to be filtered.
Roger Ross
AwareIM 8.7 (build 3025) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.5 (build 2828) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.7 (build 3025) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.5 (build 2828) ~ MS-SQL ~ Windows 10 ~
Re: Setting users rights at the record level
I've only used EXISTS in BO rule and not query. But in reality, you need to filter the xref BO. For example, your Xref BO will have two attribute, the user Ref and Cat Ref. and you need to add Shortcuts from category and user in the Xref. Now you will filter xref for a specific category and user and if the user has access to that category it will be on the list.rbross wrote:Ben, Got it working except for the filter on the query.BenHayat wrote: then you need to control it based on "certain" users, you need to create another BO as a xref that allows specific users to that category. And your system needs to check against xref, if exists, it is allowed.
Can I use IF EXISTS in a query or do I need to call a process and use the IF EXISTS, not sure how to write this statement? I need to display the query based on what Categories they have access to. I have a query to display the Categories but right now it just shows them all, the query still needs to be filtered.
But the key is when you create that xref, is when you are giving that user access to that category. That's the important step.
Re: Setting users rights at the record level
Never mind I figured it out:
The query looks like this:
FIND PWMasterCategories WHERE EXISTS PWCategoryAccess WHERE (PWCategoryAccess IN PWMasterCategories.pm_PWCategoryAccess AND PWCategoryAccess.UserLogInName=LoggedInRegularUser.LoginName) ORDER BY PWMasterCategories.Category
The query looks like this:
FIND PWMasterCategories WHERE EXISTS PWCategoryAccess WHERE (PWCategoryAccess IN PWMasterCategories.pm_PWCategoryAccess AND PWCategoryAccess.UserLogInName=LoggedInRegularUser.LoginName) ORDER BY PWMasterCategories.Category
Roger Ross
AwareIM 8.7 (build 3025) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.5 (build 2828) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.7 (build 3025) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.5 (build 2828) ~ MS-SQL ~ Windows 10 ~
Re: Setting users rights at the record level
Excellent.
Re: Setting users rights at the record level
When I first started AwareIM that expression would have made no sense to me... Now it actually makes senseBenHayat wrote:Excellent.
AwareIM' motto should be KISS... "Keep It Simple Stupid"
Roger Ross
AwareIM 8.7 (build 3025) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.5 (build 2828) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.7 (build 3025) ~ MS-SQL ~ Windows 10 ~
AwareIM 8.5 (build 2828) ~ MS-SQL ~ Windows 10 ~