Scenario:

1) User 1 logs in with admin rights and opens up form1

2) Lock Screen happens due to timeout or pushing F11

3) User 2 logs in with lower rights than User 1

4) Here I want to close form1 so that User 2 has a fresh start with no open screens.

Question:

Is there a way to temporarily provide admin or the last users rights so that open forms can be closed programatically and then return to using User 2's rights?

Cory Cookson

Software Developer

Occupational Health Research

Hi Cory.

Guess you could add a handler to AfterSessionLock and take care of your open forms in it. But what if you have uncommited changes to be saved?

Maybe, in your MDI form Load:

Then:

And/or the CurrentUserChanged event:

There is also a BeforeSessionLocked event.  Between all of these you should be able to implement your logic.

These are great suggestions.  Thank you both.

Let me try to explain again. 

If a user with the same rights logs in after me they should see all of the forms still open.  However, if a user with less rights logs in then all forms should close for that user. 

This is an issue because by the time the CurrentUserChanged or AfterSessionLock events fire the new user does not have rights to close the open forms.

Is there a way to temporarily create and login an admin user behind the scenes to close the open forms and then restore the user logging in or a way to temporarily elevate the users rights to admin, close the forms and then return the users rights to what they were before i modified them?

or.....am I missing something silly

Cory Cookson

Software Developer

Occupational Health Research

I have gotten this far in the AfterSessionLock event:

SFSUsersBO sfs = new SFSUsersBO();

sfs.FillByUserName(_LastUserLoggedIn);

SecurityBasics.CurrentUser = MicroFour.StrataFrame.Security.LoggedInUser.CreateNew(sfs);

This gives me back the user who had previously logged in but the form I want to close is still disabled and will not close

As always all feed back is appreciated.

Cory Cookson

Software Developer

Occupational Health Research

I'd look into a custom login form. Then you could set a flag that the session timed out (before session timed out event), then test for that when the user logs back in...they'll use your login form to do it, so you could test there if the user is changing after a time out and handle the forms before logging the new user in.



This also suggests an enhancement request: CurrentUserChanging event, which might be cancelable.

This doesn't make sense to me.  I'm able to switch users on the fly and the particular user I am swapping to does show as admin.

Is there a way at this point to tell security to reload so that the forms are not disabled?

It just feels like I'm missing something simple here (or not explaining myself well enough)

Cory Cookson

Software Developer

Occupational Health Research

Hi.

I see you worked your code in the AfterSessionLock. Have you tried managing your users in the BeforeSessionLock too?

yes, in the beforesessionlock I make sure that any form that has unsaved changes gets taken care of so that in the afterSessionLock event all that should have to happen is I close the open forms if it is not the same user.

Cory Cookson

Software Developer

Occupational Health Research

OK. Now, in the AfterSessionLock, before dealing with your open forms, have you tried something like:

Login.SetLoggedInUser("YourAdminUser", "YourAdminPassword", "")