7 Replies Latest reply on Aug 23, 2010 9:01 AM by gerardnico

Selective writeback security?

Robert Angel Aug 19, 2010 9:59 AM

Hi,

I have two security groups; -

Control
Standard

I want Control Group to be able to use a Total Report in a dashboard to writeback values to the database.

I want Standard to be able to use transaction level reports in a dashboard to writeback values to the database.

But, I want to restrict writeback such that Control cannot writeback values at transaction level and Standard cannot writeback values at Total level, but both can see - without having the writeback facility - the control reports - is this possible with standard security (not LDAP)??

thanks,

Robert.

Edited by: Robert Angel on 19-Aug-2010 02:59

1. Re: Selective writeback security?

gerardnico Aug 19, 2010 8:34 PM (in response to Robert Angel)

Just create two answers and give them the authorization to only one group.

You will end up with:
- one answers at transaction level for the standard group
- one answers at total level for the standard group

Cheers
Nico
1 person found this helpful
Like Show 0 Likes(0)

Actions
2. Re: Selective writeback security?

Robert Angel Aug 23, 2010 6:53 AM (in response to gerardnico)

This is currently my workaround solution, but I dislike it for maintenance / enhancement reasons....

thanks for your input though,

Robert.
Like Show 0 Likes(0)

Actions
3. Re: Selective writeback security?

gerardnico Aug 23, 2010 7:26 AM (in response to Robert Angel)

You have an other solution which is the audit.
Just add a hide column to get the user and add it in your SQL statement.

I prefer audit than to implement security.
You have more flexibility.

Cheers
Nico
Like Show 0 Likes(0)

Actions
4. Re: Selective writeback security?

Robert Angel Aug 23, 2010 8:19 AM (in response to gerardnico)

Hi Nico,

what do you mean by 'audit'?

From what you expand, am I presuming that you mean I; -

1. Add a column that gets user name or user group to ascertain if user should be allowed writeback
2. Hide column

And then still allow postback (yes?) but itercede some logic that picks up the hidden user / group value and IF group user = allowed THEN continue as normal ELSE do nothing??

Is this what you mean, if not then kindly explain audit??

regards,

Robert.
Like Show 0 Likes(0)

Actions
5. Re: Selective writeback security?

gerardnico Aug 23, 2010 8:51 AM (in response to Robert Angel)

I mean:
- add a column in answer with the name of the user
- add a user column in the target table
- use it in your writeback SQL statement to update it

You can then know who is the last user who has updated the data.
You can also add a trigger on the write back table to seed an history table.

no IF THEN ELSE/security logic, just an audit to know which user has updated the data in case of
conflict or just to give a better formation.

Cheers
Nico

Edited by: gerardnico on Aug 23, 2010 10:51 AM has and not have
Like Show 0 Likes(0)

Actions
6. Re: Selective writeback security?

Robert Angel Aug 23, 2010 8:54 AM (in response to gerardnico)

Ok.

Thanks for your input and clarification.

In this case the users should not be allowed this level of input so prohibiting the behaviour entirely is my only option, but I understand where you are coming from...

thanks again,

Robert.
Like Show 0 Likes(0)

Actions
7. Re: Selective writeback security?

gerardnico Aug 23, 2010 9:01 AM (in response to Robert Angel)

If you want, you can implement the security in the trigger ;-)
But it's more work and not very maintainable.

Success
Nico
Like Show 0 Likes(0)

Actions

Go to original post