- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-08-2019 05:04 AM
Good afternoon,
This is probably pretty basic but I just wanted to check. I need to add two fields to the sys_user table which only show when company is X. UI Policy, all good.
Now I want to set it up such that if the company is X, only users with role Y will see these two fields displayed when they look at a user record.
I tried adding a script condition gs.hasRole("role Y") to the said UI policy, but no joy. Any user with access to the user table can still see these fields.
We have a minefield of ACLs associated with sys_user, such that if I create read and write ACLs for role Y against the two fields, again any user can read and write, but before I tackle this aspect of the build, I just wanted to check if I am right in trying to achieve the display aspect through a UI policy?
Thanks
Solved! Go to Solution.
- Labels:
-
Scripting and Coding
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-15-2019 05:51 AM
No once you give role z access to write to these two field only they that should have access and it should prevent everybody else from writing to these fields. You may need to give role z write access to the entire table as well. before you can limit there write access to 1 or 2 fields they must first have access to write to all fields. So if they do not have write access with another role to the entire table you must first grant them this access (sorry my assumption). Then the ACL for write access to the two fields should limit them to just these fields.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-15-2019 05:51 AM
No once you give role z access to write to these two field only they that should have access and it should prevent everybody else from writing to these fields. You may need to give role z write access to the entire table as well. before you can limit there write access to 1 or 2 fields they must first have access to write to all fields. So if they do not have write access with another role to the entire table you must first grant them this access (sorry my assumption). Then the ACL for write access to the two fields should limit them to just these fields.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-18-2019 07:38 AM
Brian, Thanks again. Finally solved it by adding a write acl on sys_user for role Z and an additional write acl on sys_user* for role Y
