Differences

This shows you the differences between two versions of the page.

Link to this comparison view

security - permissions [2016/09/14 14:19] (current)
Line 1: Line 1:
 +==== How do I set up permissions?​ ====
  
 +<WRAP round info 60%>
 +Also called: user security, user rights, user privileges, read/write access
 +</​WRAP>​
 +
 +=== What are permissions?​ ===
 +Permissions in WorkXpress allow you to control what users have access to in the application. You can control not only what they can see but how they can interact with various interfaces. ​
 +
 +Permissions are a list of granular controls that you will then assign to certain groups. You will check the boxes for the permissions you want a particular group to have. 
 +
 +Permissions are about what you can **enable** not restrict.
 +
 +==Examples of Permissions==
 +|< 85% 25% 37% 37% >|
 +^Original Idea  ^Explanation ^Best Practice^
 +|View Only   ​|While this appears to be a good permission, it is actually restricting ALL the permissions. You would not be enabling any permissions for this user|Put security on all of your pages so that only members of groups with specific permissions are able to view them. This allows for the best security for your application.|
 +|View/​Change Employee Record |These are two separate permissions. Keeping permissions separate will provide the best security control| Create two permissions:​ View Employee Record, Change Employee Record. You can check both boxes for the group you wish to have this access.|
 +
 +
 +
 +
 +
 +=== Managing Permissions ===
 +
 +Permissions are managed through the Groups table that is automatically created with every WorkXpress application. Here you will create various groups that will correspond to the different levels of access you wish users to have. You will then assign users to these groups. Users can be in more than one group. ​
 +
 +=== Setting Up the Groups ===
 +
 +  - From the Admin page in your application,​ click on Search All Groups
 +  -- Click on Add Group on the right. \\
 +   .. {{::​permissions1.jpg|}}
 +  - When asked, select that you do not want to roll this out with the application. Learn more about data in development and testing. (LINKS HERE TO SOMETHING)
 +  - Now we will set up our forms and fields.
 +  -- Bring up the interface and click on the blue plus sign at the right edge of the existing form. Create a new Grid form called Permissions
 +   .. {{::​permissions2.jpg|}}
 +  -- Click the orange link that says "Add the first field for this field grid here."
 +   .. {{::​permissions3.jpg|}}
 +  - Add two checkbox fields for each permission - Edit Company Record, Delete Company Record
 +   .. {{::​permissions4.jpg|}}
 +  - Create a new list form by clicking the blue plus at the right end of the Permissions form. This form will display the users who are in a particular group.
 +  - When asked what records you want to see in your list, select the Users table. ​
 +  -- When asked which users, select Related Users - Group to User. This list will only show users we add to the group.
 +   .. {{::​permissions5.jpg|}} ​   ​
 +  - Accept the default name for the form. 
 +  - When asked to choose fields, accept the default View User field. You can add more fields later if you want.  ​
 +  - Select View User as the field to display
 +  - Click finish
 +  -- Your page should look like this
 +    .. {{::​permissions6.jpg|}}
 +  - Now we have created the forms and fields we need. Now we'll create our group. ​
 +  - At the top of the page, click into the Group Name field. Let's name this one Managers. ​
 +  - Click on the add button at the bottom of the page. If you do not see your group, refresh the page. 
 +  - Click on the group name to bring up the group.
 +  - Click the edit button at the bottom of the page. 
 +  - On the Permissions form, click both checkboxes.
 +  - On the Users form, click Attach Existing User. Select a user from the list. 
 +  - You now have created a group with a user. 
 +
 +What next? Go to the article on PAGE and FORM security to learn how to implement permissions. This page will explain how to create a query to see if the current user is a member of a group with a certain permission. For example, when the Company Record page loads, a user who is in a group that only has Edit permissions will not be able to click on the delete. You can customize whether a user will see things they can't click on or whether they are shown an error message. ​
 +
 +==== Help!  I used security actions to hide a Form or Page from all users, and now I can't access them to fix my mistake! ====
 +**Scenario :** You're working on the security for a form (or page), hiding it for some users, and showing it for others. ​ All is going well until you accidentially put an action in the wrong place, or under an incorrect evaluation and suddenly no one can view the form!
 +
 +**Issue :** There is no way to access these actions since you can't see the form.
 +
 +**Solution :** Find the actions using the App Explorer and disable them.  Then, you can access the page, fix your mistake and re-enable them.
 +
 +So, how do we do that?
 +
 +To manually fix this, what we need to do this this : 
 +
 +
 +1. Open App Explorer.
 +
 +2. Find the Form/Page we need to unlock.
 +
 +2a. If it's a Page, and you have a link that opens that page, you can look at that link'​s,​ actions'​ configuration and get the page name from there, and then use the search features of the App Explorer to narrow the list to just your Page.
 +
 +2b. If it's a Form, you may just need to find the table it's related to, and open that table in the Tree.  You will then see all relatinship tables, forms, fields and actions associated with that table.
 +
 +You should see something similar to this : (in my case I know the page is called "Add a Packing Slip")
 +
 +
 +{{ :​security_troubleshoot_app_explorer.png?​nolink |}}
 +
 +
 +3. Click on the blue text to the right of the first action, (a1441409).
 +
 +4. Find the field called "Is Disabled (e290)"​
 +
 +5. Click the Wrench to the right, check the box and Save.
 +
 +6. Exit the Application Explorer.
 +
 +7. Open any actions interface to clear your application cache. ​ (Manual changes in the App Explorer don't cause the cache to clear.)
 +
 +
 +Viola! ​ When you try and access this form or page again, it should now be visible! ​ When you edit the Security Actions for this page, you should see your top most action there, just disabled. ​ Go ahead and make your modifications and re-enable it.
security - permissions.txt ยท Last modified: 2016/09/14 14:19 (external edit)
Copyright WorkXpress, 2019