In Aras Innovator, each ItemType links to a table in database. That means the Property links to a column for storing data.
If there are access issues for data field, create a Poly Item and Form with particular Identity should be the simplest way to implement.
When facing to complicated scenario (maybe various columns and Identity need to be considered together), the future maintenance work might be very difficult.
This article provides another thinking to achieve similar result with a little customization.
Change Property Access
The Property is also an ItemType in system, that means its access can be controlled by system permission.
In default, a Relationship will inherits permission from its parent. But in order to control Property access individually, the "Use Src Access" option should be cancelled (see Figure 1).
|
Figure 1 |
Create Private Permission
Open the ItemType which need to create various view (here takes "Part" as example), and follow below steps to create a new Property with private Permission:
- Create a new Property (here uses "_private" as name) in Part.
- View Relationship (open Property in Item Window).
- Lock item.
- Create private Permission (see Figure 2).
- System will load Access from default Permission. Here only sets the "Administrators" Identity to demonstrate the difference (see Figure 3).
- Save, unlock and close Permission and Property.
|
Figure 2 |
|
Figure 3 |
Handle Field's Visibility
- Open Form (here is the "Part").
- Create a new Method with below code.
- Add created Method to Form Event with "OnLoad".
var field = getFieldByName('_private');
if (field)
{
var identityList = aras.getIdentityList();
//If user do not have "Administrators" Identity, hide the field
field.style.display = (identityList.indexOf('2618D6F5A90949BAA7E920D1B04C7EE1')===-1) ? 'none' : '';
}
Prevent Output Field Data
This is an optional step for more data security due to users are not able to view the field data of "_private" Property after implementing all above steps.
As noted at start of this article, the Property links to a column in database table which means the data is stored with table. The step of "Create Private Permission" only defines "the access for the Property" not "the access of data". The data will still output when a request select all fields (see Figure 4).
The following steps will restrict data output:
- Open ItemType (here is the "Part").
- Create a new Method with below code.
- Add created Method to Server Event with "OnAfterGet".
Dim strIdentitiesList As String = Aras.Server.Security.Permissions.Current.IdentitiesList
'If user do not have "Administrators" Identity, remove the data
If Not CCO.Permissions.IdentityListHasId(strIdentitiesList,"2618D6F5A90949BAA7E920D1B04C7EE1") Then
For i As Integer=0 To Me.getItemCount()-1
Me.getItemByIndex(i).removeProperty("_private")
Next
End If
Return Me
|
Figure 4 |
Result
The field and data of Property output normally when login as Admin (see Figure 5), but the field will hide and the data will not output if login as other user (see Figure 6).
|
Figure 5 |
|
Figure 6 |
Comments
Post a Comment