StrataFrame Forum

Detailed security

http://forum.strataframe.net/Topic25754.aspx

By Coolbreeze - 2/3/2010

How detailed is the security in strataframe? I know menus and pages can be disabled. But can they be hidden as not seen. Also, does strataframe support field level security?

Rudolph

By Trent L. Taylor - 2/3/2010

It is extremely deep and does support field level security. You can really customize how you want the field level security to behave as well on a per permission basis. You can use replacement characters (i.e. xxx-xx-xxxx for a social security example) or have it show text (i.e. 'Access Denied'). As for hiding things, you bet. You can inquire about a permission in code and basically do anything that you want:



MyMenuItem.Visible = SecurityBasics.CurrentUser.GetPermission("MyKey").Action == Grant
By Coolbreeze - 2/3/2010

O.k

Because I think it would be better to hide for instance, New on a form as oppose to when a user click on it, you Access Denied.

Looks more clean

By Edhy Rijo - 2/3/2010

Hi Rudolph,



SF security is very powerful for the developer and easy to use for the End User. I would suggest you carefully read the SF Security chapter in the help file as well as looking at the document posted by Charles Thomas Blankenship in the "SF Users Contributed Samples" forum.
By Coolbreeze - 2/3/2010

Thanks Eddy
By Russell Scott Brown - 2/3/2010

There is also a really nice article on Les Pinter's website (www.LesPinter.com) about Implementing Strataframe Security (article 412) that you might want to check out.
By Coolbreeze - 2/6/2010

Hi

Thanks to all who responded. I am not certain how clear I was to you all so I have added a screen to be more graphic in my explanation. Let me know if it is possible in this fantistic framework.

Rudolph

By Edhy Rijo - 2/6/2010

Rudolph, still is not clear what is it that you want. Based on your image you already have it working, isn't that the case?



If it is not working, then try to be more specific in what you want to accomplish. By reading the documentation and understanding how it works you can control every object in the form by checking for specific security permission that you should have been created first.
By Ivan George Borges - 2/7/2010

Hi Rudolph.

One way to apply security into a SF application is to do it programatically. So lets say you would like to hide a menu item based on the user permissions, the following code could be used to accomplish that:

        If SecurityBasics.CurrentUser.GetPermission("Your Permission Key").Action = PermissionAction.Grant
            Me.YourMenuItem.Visible = True
        Else
            MeYourMenuItem.Visible = False
        End If

Hope it helps.

By Trent L. Taylor - 2/7/2010

Rudolph,

The logic you are trying to produce is actually very possible and is something that we even do ourselves in our medical application.  In fact, we have one dialog that is extremely complex in our medical application called Patient Registration.  We have the ability to allow users to do the following:

  • View but not edit
  • Edit some fields like the name and phone numbers, but cannot see or change anything else
  • Allow users to add but not edit
  • Other field level security such as social security cannot be read as it uses replacement characters but they can modify basic demographic information

There are many other security permissions on this dialog as well, but the point is you can get as sophisticated and complex as you like.  I have yet to run into a scenario where I couldn't secure something that way that we needed to...that is why the RBS continues to grow and evolve to support all of these types of scenarios! Smile

By Coolbreeze - 2/7/2010

Thanks Trent
Sounds good.

Rudolph