Record level security (v2021)

This public forum is for user-to-user discussions of PHPMaker. Note that this is not support forum.
Post Reply
NbagjaS
User
Posts: 10

Record level security (v2021)

Post by NbagjaS »

HI,

I have a case to protect sales report based on record level using user ID level (sales user ID),
I have setup A as a Sales Manager, and A1, A2, A3 as Sales Persons
So in User ID table it would be come :

User ID      Parent ID
A                (empty)
A1              A
A2              A
A3              A

And set the sales report in Advance Security
User Id field as User ID, and Parent ID field as Parent ID, and enable User Id option for sales report & disable View All
This working exactly like what I need,
The Sales Manager (A) can see all Sales Report record of A1, A2 and A3 (all record)
while A1 only can see his report (A1), the same with A2 and A3.

But another issue is, when I would need to add another user (ex. B) with the same level as the Sales Manager who can also see all report, how do I do that?, because A1, A2, A3 parent ID is already set to A,.
or in other word, if the user ID = B, can we over write the record level security set to disabled using script? so
because I have other users in management level that would need to see all sales person record level.

Thank you for the help


arbei
User
Posts: 9286

Post by arbei »

See notes for User ID:

From v2022, the Parent User ID Field is of varchar type, then it can store multiple user IDs as comma separated values, a user can belong to multiple parent users. If you use multiple parent User ID, make sure you change the Edit Tag of the field for multiple selection.


NbagjaS
User
Posts: 10

Post by NbagjaS »

Thank You,

I am using v2021, so there is no way to disable record level filter option in Server Even/Client script base on current user ID login?
what I mean is if the user ID ='B', then the User Id in advance security will be skipped..


arbei
User
Posts: 9286

Post by arbei »

With old version you can only disable User ID Security and use Recordset_Selecting server event to add your own filter.


NbagjaS
User
Posts: 10

Post by NbagjaS »

Thanks, I have read this tips, but don't know how to disable it in Record Selecting even.
Perhaps, you could advice me?


mobhar
User
Posts: 11660

Post by mobhar »

NbagjaS wrote:

what I mean is if the user ID ='B', then the User Id in advance security will be skipped..

Put this code in Recordset_Selecting server event:

if (CurrentUserID() == 'B') {
    // do nothing (skip advanced security), that means display all records
} else { // other than user id B
    // add your own filter in this block, that means filter the records based on your needs
    // ...
}

NbagjaS
User
Posts: 10

Post by NbagjaS »

Apparently, using Recordset_Selecting didn't work for me, I don't know why, but after trial and error and analyze the SQL output from debug,
the SQL use UserID as a filter, so I try using UserID_Loaded function, and put:

if UserID = "B",
AddUserId "A1"
AddUserId "A2"
AddUserId "A3"

This work as I expected.

So Both A and B can access all records of A1, A2, A3.

Thank you, appreciate for your help.


Post Reply