Login
Register
Search
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Forums
Infor / Lawson Platforms
S3 Security
Referencing a Multi-Valued attribute
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Who's On?
Membership:
Latest:
Chris Radcliffe
Past 24 Hours:
0
Prev. 24 Hours:
0
Overall:
5187
People Online:
Visitors:
307
Members:
0
Total:
307
Online Now:
New Topics
S3 Customization/Development
Cobol - Extract Current Time
4/24/2024 7:21 PM
How do you extract just the Current System Time in
Lawson Landmark
LPL INSTR Functions
4/5/2024 8:32 PM
I'm writing a simple report using the Create R
Infor SCM
Translating 856 to get the ~ REF^CN^ field
4/3/2024 8:24 PM
We are trying to get the tracking number which is
IPA/ProcessFlow
Sample XML file create Flow
4/3/2024 3:43 PM
Hello everyone, I am new to creating XML files
Lawson S3 HR/Payroll/Benefits
bn105 error message
3/26/2024 6:40 PM
I need to change some of the set ups in our Life I
IPA/ProcessFlow
IPA executing Job
3/13/2024 7:08 PM
New to the IPA world and was wondering, can an IPA
Lawson S3 HR/Payroll/Benefits
Life Age Reduction on benefits plans
3/12/2024 7:15 PM
For our optional life we have an age based coverag
Lawson S3 HR/Payroll/Benefits
BN53.1 Add-In
3/7/2024 3:31 PM
We are migrating to Solstice. They require a
Lawson Business Intelligence/Reporting/Crystal
Domain Name Change
3/5/2024 7:45 PM
Our domain name needs to change and was hoping I c
S3 Customization/Development
Cobol calling Shell Script
2/29/2024 1:27 PM
Has anyone created or modified a Lawson Cobol prog
Top Forum Posters
Name
Points
Greg Moeller
4184
David Williams
3349
JonA
3288
Kat V
2984
Woozy
1973
Jimmy Chiu
1883
Kwane McNeal
1437
Ragu Raghavan
1351
Roger French
1311
mark.cook
1244
Forums
Unanswered
Active Topics
Most Liked
Most Replies
Search Forums
Search
Advanced Search
Topics
Posts
Prev
Next
Forums
S3 Security
Referencing a Multi-Valued attribute
Sort:
Oldest First
Most Recent First
You are not authorized to post a reply.
Author
Messages
BrianB
Posts: 5
4/17/2010 10:56 AM
We have set up (in Schema Editor) a multi-valued variable. We want to restrict drill access and essentially deny access to any that don't have a corresponding value.
The problem is this: When we reference the variable and do a compare, the system only restricts based on the first number in the list. I tried referencing it as if it were an array (with a value in paranthesis representing the index order), but that didn't work.
If we had 20 different values in there, how do I get my rule to accomodate each subsequent value as opposed to only the first?
Thanks is advance, this website is an incredible resource and I appreciate everyone's expertise and willingness to share.
Brian
John Henley
Senior Member
Posts: 3348
4/17/2010 1:28 PM
I think the variable is returned as a comma separated list of the selected values for the attribute, and you can use xxx.split(',') to turn it into an array, something like this:
var myAttribList = myAttrib.split ( ',' );
for(var i=0;i<=myAttribList.length;i++) {
if ( myAttribList
== "desired value" ... )
}
Dave Amen
Veteran Member
Posts: 75
4/17/2010 11:24 PM
Brian,
With all due respect to John Henley (the master), there's an easier way.
The user.attributeContains function is the one designed to work with multi-valued attributes. It hunts through the values for a match, and returns a positive if found - so you don't need to code the logic to search through multiple values. Let me know if you need to see a sample, and I'll post one here.
Best regards,
Dave
(303) 773-3535
BrianB
Posts: 5
4/18/2010 1:48 PM
Yes, please do Dave, I'd appreciate it.
Would you have any samples of how to code within a security rule beyond an if/then? I'm confident John's code would work in process flow (where I can write open Javascript), but I couldn't get the rule editor to take it or work with it. It always wants to hard code the if / then statement.
Thanks again
Dave Amen
Veteran Member
Posts: 75
4/18/2010 4:56 PM
Here's an example that shows several things. I see that it's somewhat overkill in that it's using the getDBFieldByIdx function when getDBField would suffice:
getDBField - uses the primary index to grab a record, from which you can interrogate any field in that record.
getDBFieldByIdx - uses any index you want, to accomplish the same purpose (use this to find a record when your keys fit a secondary index and not the primary one).
I'm using EMPSET1 in this call, which is the same thing that the simpler getDBField function would do - I should have used getDBField instead (that's what I meant by overkill).
The multi-valued attribute called TimeKeeper holds one or more SEC-LOCATION's in which this user is authorized to manage time records.
This rule is attached to PR35.2 to ensure that this user (who is a time keeper and has values attached to them in the custom TimeKeeper multi-valued attribute) has the SEC-LOCATION for this employee included as one of their attributes.
if(user.attributeContains('TimeKeeper',trim(getDBFieldByIdx('EMPLOYEE','SEC-LOCATION','EMPSET1','0001',form.TRD_EMPLOYEE))))
'ALL_ACCESS,'
else
'NO_ACCESS,'
Starting with the getDBFieldByIdx call, we grab the employee number on the screen (form.TRD_EMPLOYEE), and go to the EMPLOYEE table using company 0001 and that employee number to get the SEC-LOCATION.
The attributeContains function then searches through this user's TimeKeeper multi-valued attribute for a matching SEC-LOCATION. If found, success. Otherwise, that timekeeper isn't allowed to enter time records for that particular employee, and gets a security violation.
That controls what the timekeeper can do in PR35.2. There's another aspect to keep in mind, though. When the timekeeper clicks on the selection list icon beside the employee number, the resulting list includes ALL employees - even though they can't touch most of them because of their SEC-LOCATION. Annoying at best, or frustrating and time-consuming if they need to hunt through the big list to find specific employees.
TABLES control what the user sees in selection lists, drills and Microsoft Add-Ins.
To fix this situation, you would put a rule, similar to the one above, on the EMPLOYEE Table, which must be in an LS9 Security Class connected to the TimeKeeper's Role. That would slow the response when the TimeKeeper clicks on the icon to get the employee list, but the list would then contain ONLY the employees they're authorized to manage time for (employees with a SEC-LOCATION matching one of the ones in the TimeKeeper's multi-valued attribute).
It can be difficult to get the trims and everything working correctly in the rule, so I prefer to test incremental parts of it by hard-coding values like this:
user.attributeContains('TimeKeeper','SecLoc1')
Put SecLoc1 (or some real SEC-LOCATION) in as one of your TimeKeeper multi-valued attributes and get this working. Then try the employee side of the rule by itself (I'm using employee 1234 in this case):
getDBField('EMPLOYEE','SEC-LOCATION','0001',1234)
Adjust tic marks, trims and whatever else to get that piece working. Then put the pieces together.
Sorry - this is turning into a lengthy LS9 training course!
Did that all make sense?
Best regards,
Dave
(303) 773-3535
John Henley
Senior Member
Posts: 3348
4/18/2010 5:17 PM
Nice! Thanks for posting. =
BrianB
Posts: 5
4/22/2010 7:51 PM
Thank you both, this was very helpful.
You are not authorized to post a reply.