Prev
Next
Forums S3 Security

Process Level Security

Sort:
You are not authorized to post a reply.
Author
Messages
Kyle Gray
New Member
Posts: 1
New Member
10/11/2010 12:23 PM

    I am trying to use a Process Level Security class to globally secure data by process level.  The formula I have written verifies in the build screens but when I apply the security class against the user I am unable to select any records on the HR11 when in fact I should have about 250 records to choose from.  I using the RM attribute, ProcessLevelControl (lawson delivered, as multi-attribute).  Below is the formula,

    if((SystemCode=='HR'||'PR'||'BN'||'PA'||'LP')&&(COMPANY==user.getCompany())&&(PROCESS_LEVEL==''))
       'ALL_ACCESS,'
    else
       if((SystemCode=='HR'||'PR'||'BN'||'PA'||'LP')&&(COMPANY==user.getCompany())&&(user.attributeContains('ProcessLevelControl',PROCESS_LEVEL)))
       'ALL_ACCESS,'
    else
       'NO_ACCESS,'

    Thanks,

    Kyle Gray

    Good Samaritan Hospital

     

    Jimmy Chiu
    Veteran Member
    Posts: 641
    Veteran Member
    10/12/2010 3:15 PM
      the values you put in the user's ProcessLevelControl, are they in 3 digits format? IE: processlevel 4 actually should be 004. and you should use lztrim for the COMPANY value.

      I am assuming you are using PROCLEVEL based on the parameters you are using:

      if((SystemCode=='HR'||'PR'||'BN'||'PA'||'LP')&&(lztrim(COMPANY)==user.getCompany())&&(PROCESS_LEVEL==''))
      'ALL_ACCESS,'
      else
      if((SystemCode=='HR'||'PR'||'BN'||'PA'||'LP')&&(lztrim(COMPANY)==user.getCompany())&&(user.attributeContains('ProcessLevelControl',PROCESS_LEVEL)))
      'ALL_ACCESS,'
      else
      'NO_ACCESS,' 

      Note: Your first line doesn't make sense because it would mean any employee without PROCESS_LEVEL assigned is open access.

      I think you meant this instead, if user's profile does not specify ProcessLevelControl, user has ALL_ACCESS? If this is the case, I would assign * to the ProcessLevelControl as wildcard access.
      You are not authorized to post a reply.