Record Level Security - Is it possible?

I've done it with a BPM. I created a supplier group called "HIDE" and assigned the group to the suppliers we wanted only payables to have access to. I created a pre-processing BPM on Vendor.GetList with the behavior "user called the method does not belong to AP group". That calls up an action with custom source code as follows (I included my comments for clarification if needed):

/*append to whereClause so search called from anywhere filters "hidden" vendors. 10/18/2012 note: search appears to need the AND if a starting value is entered, but can't contain the AND if no starting value is entered, so I used the IF statement to change the whereClause if needed.*/

define variable grouptemp as character no-undo.

assign grouptemp = '(GroupCode <> ~'HIDE~') AND ' + whereClause.

IF whereClause BEGINS " BY" THEN assign grouptemp = '(GroupCode <> ~'HIDE~') ' + whereClause.

assign whereClause = grouptemp.

This doesn't stop someone from typing in a supplier ID and gaining access to it. I haven't played with the data directives in E9 so I'm not sure if they would be more effective. I'm also not sure if this should also be put in the GetRows method. Hope this helps!

Sue

--- In vantage@yahoogroups.com, "Winter, Patrick" <pjw@...> wrote:
>
> Accounting would like to block access to viewing certain suppliers.
> Anyway to skip listing a dozen or so vendors when using supplier tracker
> or supplier maintenance?
>
> Patrick Winter
>
> Epicor 9.05.700c, Progress Database, Windows Server 2008 R2 Standard
>
>
>
>
> [Non-text portions of this message have been removed]
>
Accounting would like to block access to viewing certain suppliers.
Anyway to skip listing a dozen or so vendors when using supplier tracker
or supplier maintenance?

Patrick Winter

Epicor 9.05.700c, Progress Database, Windows Server 2008 R2 Standard




[Non-text portions of this message have been removed]
Is a tricky BPM where you delete records depending on the current user...

Ttvendor.Checkbox01 is how accounting marks what vendor they want to keep private.

If the current user doesn't belongs to XXX security group:

For each ttvendor no-lock where
ttvendor.checkbox01 = 1:

Delete ttvendor.

End.


Marco Vissuet
Systems Engineer
Pacific Contours Corporation
Office (619) 670-3900
Fax (619) 670-1643
mvissuet@...<mailto:marcov@...>
http://www.pacificcontours.com/

"The information contained herein may be subject to the International Traffic in Arms Regulations (ITAR) Warning: - This document contains data whose export is restricted by the Arms Export Control Act (Title 22, U.S.C., Sec 2751, et seq.) as amended, or the Export Administration Act (Title 50, U.S.C., App 2401 et seq.) as amended. Violations of these export laws are subject to severe criminal and civil penalties. Disseminate in accordance with provisions of DoD Directive 5230.25.

From: vantage@yahoogroups.com [mailto:vantage@yahoogroups.com] On Behalf Of Winter, Patrick
Sent: Monday, December 03, 2012 1:44 PM
To: vantage@yahoogroups.com
Subject: [Vantage] Record Level Security - Is it possible?



Accounting would like to block access to viewing certain suppliers.
Anyway to skip listing a dozen or so vendors when using supplier tracker
or supplier maintenance?

Patrick Winter

Epicor 9.05.700c, Progress Database, Windows Server 2008 R2 Standard

[Non-text portions of this message have been removed]



[Non-text portions of this message have been removed]