Dean
|
| Posted: 04/12/2005, 12:13 PM |
|
I have searched this forum and the knowledge base to no evail. I have a situation where
1. A user will have access to one group of data. This seems simple enough to handle.
2. A manager will have access to certain grouple including one or more of group 1 for approval.
3. A Division Manager will have access to several manager's data.
4. Admin will have access to all data. This seems simple enough too.
I cannot get my head around how to limit the rights of each group so they can each access the same screen but still be limited to their data.
Any Ideas?
|
|
|
 |
dhodgdon
Posts: 80
|
| Posted: 04/12/2005, 1:11 PM |
|
One way would be to make multiple grids on the page and assign rights to the grid using the "Restricted" property. Populate the grids using a query. If the user does not have rights, the grid does not display on the page and everthing else on the page (or table cell, etc.) "moves up" to fill the hole.
Or, it may be possible to include security groups in the query for the grid???
dh
_________________
Regards,
David Hodgdon
|
 |
|
Dean
|
| Posted: 04/12/2005, 1:57 PM |
|
I was thinking security groups but A Division manager does not necessarily have the right to look at all Manager's data. So I too am thinking multiple screens for each group and limit their record view based on user password. Each record will have to contain the USER, MANAGER, and DIVISION MANAGER data.
Seems like a lot of work considering basially the screens would be the same.
I was also thinking some kind of query but cannot envision how this should be done.
|
|
|
|
peterr
Posts: 5971
|
| Posted: 04/12/2005, 2:05 PM |
|
If the page should look the same for all these users then you can implement simple security logic via manual code. Eexamples are at http://docs.codecharge.com/studio/html/QuickStart/Creat...rInitEvent.html
The above method can be customized in many ways, for example to redirect all users with Group ID < 10 back to previous page:
If CCGetGroupID() < 10 Then Redirect = "PreviousPage.asp"
You can add some checking of field values to the above, to determine which records the user cannot see.
_________________
Peter R.
YesSoftware Forums Moderator
For product support please visit http://support.yessoftware.com |
|
|
|
smalloy
Posts: 107
|
| Posted: 04/12/2005, 2:12 PM |
|
if your database contains the group information in the data to be called then just use that record within the query - here's how.
object.DataSource.Where = "MyDatagroupID = " & CCGetGroupID() or CCGetuserID()
Where the object is the name of the record or grid. This will add a where clause that will filter your query by either the user, group or both!
I think that this solution best solves your need, one form, one grid or record for all! Does your table structure allow for this?
Also, I've done some show/hide stuff in the before show with groups using Select Case:
intGroup = CCGetGroupID()
SELECT CASE intGroup
Case 1,4,5
EventCaller.TemplateBlock.Variable("lnkDocs") = "images/Documents_1.gif"
Eventcaller.Visible = True
Case 6
EventCaller.TemplateBlock.Variable("lnkDocs") = "images/reports.gif"
EventCaller.Link="PatersonReport/PatersonReportForm.asp"
Case Else
ventcaller.Visible = False
End Select
This way I can group groups together to make things visible or invisible, or set SQL statements, whatever you want!
I hope I've helped!
Steve
_________________
Anything can be done, just give me time and money. |
|
|
|
nav
|
| Posted: 04/12/2005, 7:14 PM |
|
The idea of smalloy is interesting i.e. show/control something by Case but one of my project has some more requirements.
My project's requirement is to give on user access to multiple security groups i.e. users belongs to multiple groups
for example
the security groups are
1 HR Office
2 Financial Office
3 Admin Office
4 IT Department
5 Press Office
6 Project Manager
7 Devision Chief
8 Company CEO
and
9 Administrator
now some records belong to Security Group 1 (HR Office) some belong to Security Group 2 ( Financial Office) some belong to group 3 and so on….
I can easily assign users to their appropriate Security Groups like Users from HR office can only see the records belonging to Security Group 1
Users from Financial Office can only see the records belonging to Security Group 2 etc…
BUT
HERE IS THE CHALLENGE
Security Group 5 (Project Manager) needs to have access to the records of his own group 6 as well as other multiple groups, for example he want to see the records belonging to Security group 1, 3, 5 and 6
Security Group 7 need to have access to their own group 7 as well as other groups 1, 3 and 6
Security Group 8 needs to have access from group 1 to 5 and group 7 and 8
Security Group 9 will have access to all the groups (which is easy)
Now, how can we customize security for this scenario?
How can we implement security where one user can have access to multiple security groups?
Any help would be appreciated
|
|
|
|
smalloy
Posts: 107
|
| Posted: 04/13/2005, 6:29 AM |
|
OK, not a problem but it will take some coding unless you can group users together something like users 10-19 are accounting, 20-29 are Admin, 30-39 are IT and so on. If 10 aren't enough then use hundreds (100 - 199 are accounting) or thousands.
This will make your job easier since you wound have to hand code each new user you add or delete.
Then Use the CCGetuserID() to get the users ID, then do either an If then or SELECT CASE to meat out what you want.
Dim intID
intID = CCGetuserID()
Select CASE intID
Case 100-199
'User is a Accounting user
SQL = "Select * From table where Group In(1,7,8)"
Case 200-299
'User is Admin Office
SQL = "Select * From table where Group In(2,5)"
Case 300-399
'User is Admin Office
SQL = "Select * From table"
End Select
Steve
_________________
Anything can be done, just give me time and money. |
|
|
|
|
