ACL and permissions based upon employee's manager, and the manager's manager

erikbos
Giga Contributor

Hi,

I have got a security requirement for a table.

- Each employee only sees the rows in a table where he/she is referenced.

- Each employee's manager can see his own rows and the rows of the employees reporting to him

- Each manager's manager can see his own rows and the rows of the employees reporting to him

[etc]

In my SN instance each user has its manager referenced (as imported from Active Directory). Each manager does not have its reports listed in sys_user. So going "up" the tree is easy, but I am not sure if it is possible to traverse down.

What would be the best approach for such a security requirement?

thx

e

1 ACCEPTED SOLUTION

Felipe, thanks for your quick follow up.



row = new GlideRecord('sys_user').get(row[column].manager);



does not work as I initially thought: it returns the output of the get() method, which is true or false, not a new object for a particular user. Oops.


My code was flawed; I have rewritten the function and it now works properly. Function code:



// check if a user is in the management chain of another user
managementChainCheck : function(employee, manager) {
  // direct report?
  if (employee.manager == manager)
    return true;

  // declared with var so they do not leak as implicit globals
  var row = new GlideRecord('sys_user');
  var manager_to_check = employee.manager;

  // let's go up the management chain 10 times
  for (var i = 0; i < 10; i++) {
    // get() returns false when no such user exists (top of the chain): stop there
    if (!row.get(manager_to_check))
      return false;

    if (row.manager == manager) {
      return true;
    } else {
      // Not found, let's try this employee's manager
      manager_to_check = row.manager;
    }
  }
  return false;
},
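The requirement in the question can be decided by walking up from the employee referenced on the row, so the tree never has to be traversed downward. The following is an added example, not code from the original post: it runs the same upward walk against a constructed in-memory directory that stands in for sys_user, and fails closed on missing users, cycles in the manager references and the depth limit. The names `directory`, `lookupManager`, `isInManagementChain` and `canReadRow` are assumptions made for illustration.

```javascript
// Constructed sample data standing in for sys_user: user id -> manager id.
// In ServiceNow the lookup would be a GlideRecord get() on sys_user instead.
const directory = new Map([
  ['ceo',   ''],       // top of the tree, no manager
  ['vp',    'ceo'],
  ['lead',  'vp'],
  ['dev',   'lead'],
  ['other', 'ceo'],
  ['loopA', 'loopB'],  // bad import data: two users managing each other
  ['loopB', 'loopA'],
]);

// Returns the manager id for a user, or '' when the user is unknown or has no manager.
function lookupManager(userId) {
  return directory.get(userId) || '';
}

// True when viewerId appears anywhere above employeeId in the management chain.
// Fails closed (false) on empty ids, unknown users, cycles, or when maxDepth is reached.
function isInManagementChain(employeeId, viewerId, maxDepth = 10) {
  if (!employeeId || !viewerId) return false;
  const seen = new Set([employeeId]);
  let current = lookupManager(employeeId);
  for (let depth = 0; depth < maxDepth && current; depth++) {
    if (current === viewerId) return true;
    if (seen.has(current)) return false; // cycle in the manager references
    seen.add(current);
    current = lookupManager(current);
  }
  return false;
}

// Row-level read decision: the referenced employee, or anyone above them, may read.
function canReadRow(rowEmployeeId, viewerId) {
  if (!rowEmployeeId || !viewerId) return false;
  return rowEmployeeId === viewerId || isInManagementChain(rowEmployeeId, viewerId);
}
```

An empty viewer or row reference is denied explicitly, so a row with no employee set does not become visible to users whose own manager field is also empty.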




10 REPLIES 10

German Alvarez2
Tera Expert

Hi,



How is it going?



Did you solve it?



Best Regards