How to restrict users to view their input only
Application Type
Traditional Web

Hello,

Please kindly give me a guide on how to restrict users to view only the data he or she inputted.

I have a Sales Table. 

On this Sales Table, Users are allowed to input sales data when sales occur.

What do i want ?

I want a situation whereby each user will be able to view only the sales he or she inputted. Only the admin will have access to view all sales data inputted by all users.

Help provide a guide please.  

@Harrison 

test here and check if is this the expected: https://galmeida.outsystemscloud.com/ShowRecord/

Users to test:

testuser, testuser2 and testadmin

pass for all: 123456

You can also check the code in the oml attached

Regards

Gonçalo Almeida

ShowRecord.oml

Thank you so much for solving my problem. Your insight and guide solved my problem. Everything is working as expected. Thanks alot

Hi,


You need to have an attribute "CreatedBy" on your Sales entity (that you need to fill when the record is created with the user that is creating it, using the "GetUserId()"). Then, In the aggregate, Filter for that field like GetUserId or CheckRoleAdmin.


Something like this:


Hope this can help.


Best regards,

Ricardo M Pereira

Hi @Harrison 

You can also check this course about Role-base security

https://www.outsystems.com/training/courses/131/role-based-security/?LearningPathId=18

Regards,

Gonçalo Almeida


Hi there,

I think that the topic that the colleague raises here is not related to questions of rules, as some colleagues suggest, but that he only sees his own data. As Ricardo mentions, you can create a field in the table where you save the data, with the UserId of who created it or you can even use the username if it is unique. And wherever you want him to see only your information, make a GetUserId () equal to the UserId that created the field.


Kind regards

Hi Harrison,

As Ricardo  said you need to add CreatedBy and UpdatedBy in your sales entity, and when you are displaying data to particular user then use only GetUserID() and for Admin use checkAdminRole().

Don't use both filters in same aggregate.

Regards,

Komal


Thanks for taking out time to respond to my question. I appreciate your great insights. Maybe my explanation is not clear.

Your suggestions restricted page /data view to admin role only. Only Admin Role is able to view sales data.

What i want 

I want each user to be able to view the sales data he or she inputted. And Admin Role will be able to view all sales data inputted. See example below:

Sales Table as seen by Admin Role (Admin Role views everything inputted)

No.    Details    Amount     Created By

1.       Prado      4.5m            Sam

2.      Mazda       6.4m           Mary

3.      Corolla      2.1m          Sam



Sales Table as seen by Sam (Sam views only sales he created)

No.    Details   Amount     Created By

1.       Prado     4.5m              Sam

3.       Corolla      2.1m          Sam



Sales Table as seen by Mary (Mary  views only the sales data she created)

No.    Details   Amount     Created By

2.      Mazda      6.4m            Mary


Please guide me. Thanks


Hi Harrison

For your requirement, please add createdBy attribute in your sales entity and while  while fetching the data add GetUserID() filter in sales entity, it will reflect the data for current logged in user,

Kind Regards,

Komal


Hi @Harrison 

Apply what Ricardo suggests.

Regards

GOnçalo Almeida

Thanks Goncalo, I have implemented Ricardo's suggestion and somehow, it did not yield the desired result.

Thanks

To support Ricardo's solution, I would use a filter like:

Sales.CreatedBy = GetUserId() OR CheckAdminRole(UserId:) 

Thanks for your suggestion.

I want each user to be able to view only the record he or she created in the list page. It seem not to be working.

May I suggest uploading a sample oml or maybe pasting a screen dump, please? 

Please add Userid condition for created or updated by . so only current user only able to view his data,while admin user login in system remove userid based condition .

Please give a guide on how to do this. Thanks

@Harrison 

test here and check if is this the expected: https://galmeida.outsystemscloud.com/ShowRecord/

Users to test:

testuser, testuser2 and testadmin

pass for all: 123456

You can also check the code in the oml attached

Regards

Gonçalo Almeida

ShowRecord.oml

Thank you so much for solving my problem. Your insight and guide solved my problem. Everything is working as expected. Thanks alot

Thanks to everyone that took time out to proffer a solution.  A big thanks to Goncalo.. Goncalo's suggestion is the solution to my problem. Everything is working as expected currently. Thanks to Ricardo, Himanshu, Komal, Cezarf, Miguel.......your suggestions are appreciated. 



Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.