Record Level Security
Record Level Security and/or function. I would love to be able to have some users view all records while others are restricted to their own. IE, for Record Level Security have a "Manager" be able to view all, while a standard user can only view their own records for a datapage report.
-
OIR commented
My employer wants to build an application with the following specifications.
This application supports multi-role user accounts. Of the roles users can have, four must submit some sort of report:
- Role A submits 7 report types
- Role B submits 3 report types
- Role C submits 3 report types
- Role D submits 5 report typesIn total, 18 data pages.
In addition to these roles, one role is also relevant (Role E).
These are the privileges each should have to view each other's reports:
- Roles B, C, and D can view Role A's reports (report types 1 - 6, but not 7)
- Roles B, C, and D can view their own submitted reports
- Role A can view all reports submitted by Roles B, C, and D
- Role E can view all reports submitted by Roles A, B, C, and D.Since there's only one RLS choice, the current system would force me to duplicate each web page multiple times, one for each RLS.
- View Role A reports [32 data pages total] (7 for Role A viewing, 6 for Role B viewing, 6 for Role C viewing, 6 for Role D viewing, 7 for Role E viewing)
- View Role B reports [9 data pages total] (3 for Role A viewing, 3 for user B viewing, 3 for Role E viewing)
- View Role C reports [9 data pages total] (3 for Role A viewing, 3 for user C viewing, 3 for Role E viewing)
- View Role D reports [15 data pages total] (5 for Role A viewing, 5 for user D viewing, 5 for Role E viewing)To support this, I would need to create 65 data pages for what is effectively only 18 data pages.
Besides this being horrible for me to create, some user account can have multiple roles. Thus, the resulting user interface is absolutely atrocious. A user who has Role A, Role B, and Role E would need to use different data pages to view the correct data depending on the RLS for that data.
Please implement this feature.
-
Matt Moseley commented
This is definitely something I would like to have as well. Either multiple RLS choices (so you can select multiple user roles to view a record) for the matching field with an "OR/AND" function or put a "contains" checkbox next to the RLS field and then I could combine all user roles into one field and if the users logged in role is contained in that field they get access. This would save me a ton of redundant web pages and work.
-
kevin commented
I know what you are asking is different but my workaround is. Search and report being two data pages, use the report page to filter the role and leave a user role blank.
Search and Report Wizard - Configure Filtering Fields
Advanced
Authentication Fields
If empty, ignore criteriaStill trying to figure out RLS for dropdowns...