StrataFrame Forum

End User Security Maintenance

http://forum.strataframe.net/Topic17447.aspx

By Guillermo Vilas - 6/28/2008

Hello team,
I'm dealing with a new scenario that I need to solve. In the application I'm developing I have the system administrator which will have permission to add users, roles and assign permission (this is the standard and common way). But now there comes the end user last request: She wants the warehouse manager to handle creation of operator user, roles and permission for them at warehouse level only, thats means that the warehouse manager doesn't need to access the rest of the company security maintenance. Is there a easy or not so easy way to solve it with SFS? or I need to tell here that she needs to write it in the wish list for christmas Hehe

Thanks in advance for your help

By Trent L. Taylor - 6/28/2008

Just so that I understand this correctly...you want the ability for a particular user to only be able to manage permissions for a group of other users but be restricted from assigned certain permissions or groups to a different group.  Is that correct?
By Guillermo Vilas - 6/28/2008

Hello Trent,

yes that is correct
By Trent L. Taylor - 6/29/2008

Hmmm...this is the first time that I have had that request...and it is something that we would need to implement within RBS itself (SecurityDialog).  I will talk with some of the other guys next week, but this will have to be  future enhancement.  This might be something that we can consider after th 1.6.6 build....but it isn't a quick fix...sorry Ermm
By Edhy Rijo - 6/29/2008

Trent L. Taylor (06/29/2008)
Hmmm...this is the first time that I have had that request...and it is something that we would need to implement within RBS itself (SecurityDialog). 

Well, please add me in for the same request.Tongue

Even thought I have not review the security features yet, in my current VFP applications, there is a Security Level feature that will implement just that.  For example, the levels could be from A-Z or 1-10 or whatever, but the case is that a user assigned with a level of C will not be able to see other users from above level A & B, also this user with level C, can only assign levels from C-Z preventing the lower levels to modify his record or those from above levels.

Again, since I really have not read anything about SF security, can not suggest anything just yet, but wanted to let you know about the above feature.

By Guillermo Vilas - 6/29/2008

Thanks Trent,

I will add this as a new feature for a future release of the application to my customer too Wink, like next friday... 2009
By Trent L. Taylor - 6/29/2008

LOL...sounds good Smile