variables read only at requested items

bennyphipps
Giga Expert

‎06-24-2015 03:09 AM

Hi,

We have a few catalog UI Policies which make variables read-only on requested item view to prevents users from amending them after they've been submitted as this could affect audit if a group was changed or a workflow issue or other reasons.

UI Policy.PNG

It's a bit of a pain to have to create a UI Policy each time we create a product and I wondered whether there is a more simple way to make variables read-only at requested item level.   Maybe a scheduled script that creates the UI policies looping through the variables for each catalog item and associated variables or if there's another even more elegant way to do it.   A Business rule perhaps that make the fields read only or something?

Any ideas???

Kind regards,

Ben

Labels:
Preview file
43 KB
0 Helpfuls
  • 8,865 Views
9 REPLIES 9

epam
Kilo Guru

‎07-08-2015 01:41 AM

Hi Ben,



I think you can start with the variable itself and lock down access to variables by roles. Try to use a Write Roles field on the variable form.



Good decision is to use ACL rules (for item_option_new table) to prevent changing a variable's value.



Client Script with g_form.setReadOnly('variableName',true) looks more complicated but it can works (list of the variable names can be provided by a display business rule to place all the variables into a g_scratchpad).


0 Helpfuls

Kalaiarasan Pus
Giga Sage

‎07-08-2015 02:14 AM

I doubt whether access control will work since it is formatter/ui page...



You might want to look into this and make use of this apporach ..


» How to Hide Empty Variables on a Standard Form


0 Helpfuls

jamesmcwhinney
Giga Guru

‎08-14-2015 01:22 PM

Did you have any luck finding a better way to do this?


Creating a UI policy for every variable of every catalog item would be a maintenance nightmare


0 Helpfuls

jamesmcwhinney
Giga Guru

‎08-14-2015 02:00 PM

Hi Ben,



I found the best way to do this is by modifying the ACLs.



Out of the box, there are 2 ACLs (one for write and one for delete) against the table sc_req_item.


Both are set up with the condition "Request.requested_for is javascript:gs.getUserID()" so that every user can modify their own requested items.



I just deactivated these two ACLs and this did the job for us.


Users can still open up their requests and toggle the variables, but it doesn't matter since they cant save their changes anymore.



Cheers,


- James


0 Helpfuls