Skip to main content

Control Property Access with Identity in Aras Innovator

In Aras Innovator, each ItemType links to a table in database. That means the Property links to a column for storing data.
If there are access issues for data field, create a Poly Item and Form with particular Identity should be the simplest way to implement.
When facing to complicated scenario (maybe various columns and Identity need to be considered together), the future maintenance work might be very difficult.
This article provides another thinking to achieve similar result with a little customization.

Change Property Access

The Property is also an ItemType in system, that means its access can be controlled by system permission.
In default, a Relationship will inherits permission from its parent. But in order to control Property access individually, the "Use Src Access" option should be cancelled (see Figure 1).

Figure 1

Create Private Permission

Open the ItemType which need to create various view (here takes "Part" as example), and follow below steps to create a new Property with private Permission:
  1. Create a new Property (here uses "_private" as name) in Part.
  2. View Relationship (open Property in Item Window).
  3. Lock item.
  4. Create private Permission (see Figure 2). 
  5. System will load Access from default Permission. Here only sets the "Administrators" Identity to demonstrate the difference (see Figure 3).
  6. Save, unlock and close Permission and Property.
Figure 2

Figure 3

Handle Field's Visibility

  1. Open Form (here is the "Part").
  2. Create a new Method with below code.
  3. Add created Method to Form Event with "OnLoad".

var field = getFieldByName('_private');

if (field)
{
    var identityList = aras.getIdentityList();
    
    //If user do not have "Administrators" Identity, hide the field
    field.style.display = (identityList.indexOf('2618D6F5A90949BAA7E920D1B04C7EE1')===-1) ? 'none' : '';
}

Prevent Output Field Data

This is an optional step for more data security due to users are not able to view the field data of "_private" Property after implementing all above steps.
As noted at start of this article, the Property links to a column in database table which means the data is stored with table. The step of "Create Private Permission" only defines "the access for the Property" not "the access of data". The data will still output when a request select all fields (see Figure 4).
The following steps will restrict data output:
  1. Open ItemType (here is the "Part").
  2. Create a new Method with below code.
  3. Add created Method to Server Event with "OnAfterGet".

Dim strIdentitiesList As String = Aras.Server.Security.Permissions.Current.IdentitiesList

'If user do not have "Administrators" Identity, remove the data
If Not CCO.Permissions.IdentityListHasId(strIdentitiesList,"2618D6F5A90949BAA7E920D1B04C7EE1") Then
    For i As Integer=0 To Me.getItemCount()-1
        Me.getItemByIndex(i).removeProperty("_private")
    Next
End If

Return Me

Figure 4

Result

The field and data of Property output normally when login as Admin (see Figure 5), but the field will hide and the data will not output if login as other user (see Figure 6).

Figure 5

Figure 6
標籤:

Comments

Post a Comment

Popular posts from this blog

aras.uiShowItemEx Method (aras Object)

aras.uiShowItemEx Method Shows Item with Item node. Syntax aras.uiShowItem( itemNd , viewMode , isOpenInTearOff ) Parameters Name Type Description itemNd Object Required. Item node. viewMode String Optional. Unknown purpose but only supports the following values: tab view (Default) openFile new ※Each supported value will get same result. Therefore, call method and pass undefined for this parameter is OK. isOpenInTearOff Boolean Optional. Specifies whether show Item with tear-off window. true - open in a tear-off window. false - open in a tab. (Default) Return Value An AsyncResult object or a Boolean. Returns AsyncResult object if the Item winodw is opened successfully, otherwise returns false. See Also aras Object Aras Innovator Client Framework
Post a Comment
Read more

aras.uiShowItem Method (aras Object)

aras.uiShowItem Method Gets Item by Item ID and then shows the Item. Syntax aras.uiShowItem( itemTypeName , itemID , viewMode ) Parameters Name Type Description itemTypeName String Required. Name of the ItemType. itemID String Required. ID of the Item. viewMode String Optional. Unknown purpose but only supports the following values: tab view - This is default. openFile new ※Each supported value will get same result. Therefore, call method without this parameter is OK. Return Value An AsyncResult object or a Boolean. Returns AsyncResult object if the Item winodw is opened successfully, otherwise returns false. See Also aras Object Aras Innovator Client Framework
Post a Comment
Read more

window.handleItemChange Method (Instance Window Object)

window.handleItemChange Method Changes current Item's property value. If Item is not locked, the function will do nothing. Syntax window.handleItemChange( propNm , propVal , dataType , datePattern ) Parameters Name Type Description propNm String Required. Property name. propVal String Required. Property value. dataType String Optional. Property data type. If the data type is "date", this parameter is required, otherwise it is not necessary to pass. datePattern String Optional. Date pattern, supports the following values: short_date (Default) short_date_time long_date long_date_time See Also Instance Window Object Aras Innovator Client Framework
Post a Comment
Read more