Hi Normal_Guy,
At the moment K2 doesn't have "Form level role security", only what you would call "Category Security". This falls under our Authorization Framework, which you can read more about here:
https://help.k2.com/onlinehelp/k2five/userguide/5.2/default.htm#AuthorizationFramework/Authorization-Framework-Overview.htm
In other words, you need to use different states on your Form, and show the specific state to a user if he's in a specific Role (for example to show different buttons on the Form).
Regarding your question below, it sounds like you want to only return certain users from a specific Role. You can use filtering for that on the UMUser SmartObject yes, but it's difficult to help you if you don't give us the error message text. Generic could mean anything.
Kind regards,
ChrisW
I Forgot to update the thread, I have managed to resolve the issue.
The Smartobject is not longer available as in 4.7, I had to find the service instance and create the 'IsUserManagerRole'.
It can be found here: K2 Managment / Security / UserRoleManager / IsUserMemberOfRole
I can pass the username and role name and a bit is returned.
With this I can execute some form rules.
Thanks!
Regards
Hi DudeZA,
Thanks for finding the solution.
It might be a good idea to ask for this feature to be added again in K2, you can do this by going here and logging what we call an "idea":
https://ideas.k2.comThe more votes the idea gets, the sooner it will be implemented.
Kind regards,
ChrisW
I have used this smartobject to hide controls on a smartform, works well.. except that if the user does not exist in the role it seems that K2 shows an error dialog?
I'm assuming there is no way to turn this off and that I need to try a different SmartObject?
I have found a clean-ish solution. This will check if the user is within a specific role, you can use this on a Form/View.
1)
Create a new Expression on your Form, call it Format User FQN. The purpose of this expression is to replace backslash with double backslash:
- Replace (FQN, , )
2)
Create a new Parameter, call it Role Users.
3)
Execute the following SmartObject and assign the result to a Role Users Parameter:
Management > Users > SmartObjects > User Role Item
- (The SmartObject returns all users in an array format for a given role)
After this step, use an advanced condition to determine what should be done if the logged in user is within the role:
- Role Users Parameter contains the Expression Format User FQN