LSF9/LS/ESS - LawsonGuru.com - LawsonGuru.com Forums

Name	Points
Greg Moeller	4184
David Williams	3349
JonA	3288
Kat V	2984
Woozy	1973
Jimmy Chiu	1883
Kwane McNeal	1437
Ragu Raghavan	1348
Roger French	1311
mark.cook	1244

Jimmy Chiu

Veteran Member

Posts: 641

4/7/2010 6:09 PM

I am creating a new ESS security class since the lawson delivered ESS templates don't work. I have assigned the rules according to the Employee Self-Service Technical documentation. I keep getting this error when I do a pay check inquiry and here is the log from fiddler:

Caused by: com.lawson.lawsec.author.runtime.LawsonSecurityException:Exception while checking security on token EMPLOYEE for user <myuser's sso login name>. Message: org.mozilla.javascript.WrappedException: Wrapped com.lawson.lawsec.RulesEngine.LawsonJavaScriptException:Got exception while intializing class JSRMFactory.isIdParentInStruct. Message: {1}. (<RuleAttribute>#1)
Stack Trace : org.mozilla.javascript.WrappedException: Wrapped com.lawson.lawsec.RulesEngine.LawsonJavaScriptException:Got exception while intializing class JSRMFactory.isIdParentInStruct. Message: {1}. (<RuleAttribute>#1)

Any idea?

MattD

Veteran Member

Posts: 94

4/7/2010 6:43 PM

Can you post the rule you are using?

Jimmy Chiu

Veteran Member

Posts: 641

4/7/2010 6:47 PM

I created an element group COMPEMP and assigned this rule to the ELG:

if(user.getCompany()==lztrim(COMPANY)&&user.getEmployeeId()==lztrim(EMPLOYEE)||user.getAttribute('Access')=='Y')
'ALL_ACCESS,'
else
'NO_ACCESS,'

On my EMPLOYEE file rule is:
if(isElementGrpAccessible('COMPEMP','I','HR',table.COMPANY,table.EMPLOYEE))
'ALL_ACCESS,'
else
'NO_ACCESS,'

On my HR11.1 online rule is:
if(isElementGrpAccessible('COMPEMP','I','HR',form.EMP_COMPANY,form.EMP_EMPLOYEE))
'ALL_ACCESS,'
else
'NO_ACCESS,'

Jimmy Chiu

Veteran Member

Posts: 641

4/7/2010 7:00 PM

Even without the rules in place/lawsec off, I am still getting the same error.

MattD

Veteran Member

Posts: 94

4/8/2010 1:03 PM

Did you turn security off in the Security Admin or at the LID command prompt?

Jimmy Chiu

Veteran Member

Posts: 641

4/8/2010 7:20 PM

In secuirty admin.

I have narrowed down the problem with conflicts between the ESS security class and the MSS security class.

With only one class assigned, either ESS or MSS would function without problem.

When both classes are assigned, it creates the EMPLOYEE tkn error posted above.

In in ESS secclass EMPLOYEE file has this rule:
if(isElementGrpAccessible('COMPEMP','I','HR',table.COMPANY,table.EMPLOYEE))
'ALL_ACCESS,'
else
'NO_ACCESS,'
and the COMPEMP has this rule:
if(user.getCompany()==lztrim(COMPANY)&&user.getEmployeeId()==lztrim(EMPLOYEE)||user.getAttribute('Access')=='Y')
'ALL_ACCESS,'
else
'NO_ACCESS,'

In my MSS secclass, employee file has this rule:
if(user.getCompany()==lztrim(COMPANY)&&user.getEmployeeId()==lztrim(EMPLOYEE)||user.getAttribute('Access')=='Y')
'ALL_ACCESS,'
else
'NO_ACCESS,'

They both function fine by itself, but once you assign both to a role, it starts to bark out error...

Any idea?

MattD

Veteran Member

Posts: 94

4/8/2010 7:38 PM

Here is my rule for the Employee file for employees. We don't utilize MSS at this time.

if(isElementGrpAccessible('COMPEMP','','HR',lztrim(table.COMPANY),lztrim(table.EMPLOYEE)))
'ALL_ACCESS,'
else
'NO_ACCESS,'

I have never used the function ("I") before. You don't need to because you are setting the access.

Hope this helps.

Jimmy Chiu

Veteran Member

Posts: 641

4/12/2010 12:07 PM

Found out what the problem was. it's one of the rule in my MSS secclass.

I used user.isSupervisorOf(RDId) to gather the employee that the manager has access to. But we don't have a RM structure in place. Thus, the error.
I switched to user.isSupervisorOfEmpInHR (we have the HR07/HR11 structure in place), thus, error gone and no more issue.