GL45 Security

Author
Messages
Mike Flynn
Basic Member
Posts: 5
Basic Member
    I have tried writing a rule on GL45 so that users can only see their own transactions (operator) equal their user id.  This denies them access to all data. 
    I did write a rule on the GLCONTROL limiting the same thing so it prevents drill around on others transactions.
    However, I don't even want them to see 'others'.  Any ideas?  I've tried (userid and employee id are the same here):
    if(form.SEL_OPERATOR==user.getEmployeeId())
       'ALL_ACCESS,'
    else
       'NO_ACCESS,'

    Also tried:

    if(getDBField('GLCONTROL','OPERATOR',form.GLC_COMPANY,form.GLC_FISCAL_YEAR,form.GLC_ACCT_PERIOD)==user.getEmployeeId())

       'ALL_ACCESS,'

    else

       'NO_ACCESS,'



    Any ideas?
    Jimmy Chiu
    Veteran Member
    Posts: 641
    Veteran Member
      You are comparing the wrong fields. user.getEmployeeID() will never match form.SEL_OPERATOR.

      Looking at the GLCONTROL operator value. It's actually the UID. So you need to compare user attribute lawsonuserlogin vs the GLCONTROL REL_OPERATOR.
      Mike Flynn
      Basic Member
      Posts: 5
      Basic Member
        In this case their user id and employee id are identical but I'll try using their login and the rel_operator. Thanks
        Mike Flynn
        Basic Member
        Posts: 5
        Basic Member
          In this case their user id and employee id are identical but I'll try using their login and the rel_operator. Thanks
          ---