If I created a role (Manager), and user with manager role can only edit the field "Description" and "Remark" in this page (Mainflow/CompanyGroupDetail), for the other fields, they can read only.
Attach please find my oml, kindly help assist on the logic with the example. Thank you so much.
Hey @Winnie Lam
1) Create a local variable of type Boolean name it "Has Role" 2) On Initialize of the screen check the role using the check role via server action of the user, in your use case it will be GetUserId() NOTE: You can also check role on OnApplicationStart and start the value in a client variable of weather the user has role or not.
3) Now in enable property on the description give this Boolean variable. Make sure HasRole default value is always False.
4) Now the client side logic has been handled to disable the description box but please make sure you have some validation to check if the user who made the changes has the manager role on the server side.
Thanks Shlok Agrawal
Hello,
I have updated your OML, please see the changes,
Regards,
Komal
@Komal Kumbhar Thank you for your reference, may i know what if i allow two roles to edit "Description" field, Should I have to create one more data action for another role and use "or" in Enable field??
or any faster way? Thanks!!
Hey,
You just need to add checkrole of another role in same data action but create one more output parameter for same data action and store the value same as i have done in data action.
like this
Got it. Thank you so much!
@Komal Kumbhar, I have further question on role/data access.
We can determine the role who can access the interface(page), what about if I would like to determine the role with data level?
E.g. In this aggregate, there is "Team" for each record, how can I categorize the role with the team in the data.
My existing practice is not recommended: I created many separated pages with the filter on aggregate and matched with the role.
What I expect is :
- Match role with the team of the record in one page
Any advise on data level access ? Thanks.
First of all you need to modify your database, add RoleId in your entity where team exists and while updating the team record update the respective role id,
While fetching team's data, Add Role entity to that aggregate and join will be with Role Id from both entity. Now add filter "Role.Name="HR" (for e.g.) "
This will fetch the specific data for team which has HR role.
Hope this helps,
Hi @Komal Kumbhar ,
I m very confused on it and not familiar with most of the function. Would you mind to make an oml example for me?
- I have Team Table
- For creating record in JobMaintenance2s, (Job), Team will be selected
- Each user actually have one team/more than one teams (Seems the default user /user_role list cannot add attribute to assign team)
-Each user have different role (manager/Office, etc)
- For the access of data in JobMaintenance2s page, User can only see the data that the team they belongs to
My Question/expectation:
1. How can I set the user match with the team/teams?
-->Create role for that?? and user have both Manager and Team role ? -->Or add roleID in Team entity??
2. User direct to the page JobMaintenance2s can only check the team that they belong with
Would you mind to help modify my oml and see how it can easily be realized?? I really need the help on it, Thanks!!
Hi,
In fields where the Manager cannot edit, you can set the desired condition in the "Enable" property of these two inputs, or set it to false to disallow it.
If there is a role that can edit these fields, you can check if the logged in user has the role, in the "Enable" property.