Solved

Smartform / control based Role Security

N

Hi All,

 

I wanted to add role based security to my smartform.

i.e: I have a form that should be viewed by the 'Standard' role. I have a button called 'Create' on that form that should only be viewed by 'Capture' role.

 

Usually I would go about using the UM(User Management) smartobjects and execute as follows:

I would try one of the various methods provided.

Input : user name or Fqn

Filter : Role name

If any output is returned then the user is in the required role.

 

But for some reason in K2 Five it no longer works that way.

 

I can return all roles or all users belonging to a role.

 

As soon as I add a filter, then I receive a generig error message.

 

Has anyone found a workaround on how to use form level role security?

 

Thanks!

icon

Best answer by DudeZA 22 May 2019, 12:28

View original

5 replies

C
Badge +7

Hi Normal_Guy,


 


At the moment K2 doesn't have "Form level role security", only what you would call "Category Security". This falls under our Authorization Framework, which you can read more about here:


https://help.k2.com/onlinehelp/k2five/userguide/5.2/default.htm#AuthorizationFramework/Authorization-Framework-Overview.htm


 


In other words, you need to use different states on your Form, and show the specific state to a user if he's in a specific Role (for example to show different buttons on the Form).


 


Regarding your question below, it sounds like you want to only return certain users from a specific Role. You can use filtering for that on the UMUser SmartObject yes, but it's difficult to help you if you don't give us the error message text. Generic could mean anything.


 


Kind regards,


ChrisW

D

I Forgot to update the thread, I have managed to resolve the issue.

 

The Smartobject is not longer available as in 4.7, I had to find the service instance and create the 'IsUserManagerRole'.

It can be found here: K2 Managment / Security / UserRoleManager / IsUserMemberOfRole

I can pass  the username and role name and a bit is returned.

With this I can execute some form rules.

 

Thanks!

 

Regards

C
Badge +7
Hi DudeZA,

Thanks for finding the solution.

It might be a good idea to ask for this feature to be added again in K2, you can do this by going here and logging what we call an "idea":

https://ideas.k2.com

The more votes the idea gets, the sooner it will be implemented.

Kind regards,
ChrisW
C

I have used this smartobject to hide controls on a smartform, works well.. except that if the user does not exist in the role it seems that K2 shows an error dialog?

 

I'm assuming there is no way to turn this off and that I need to try a different SmartObject?

 

C

I have found a clean-ish solution. This will check if the user is within a specific role, you can use this on a Form/View.

 

1)

Create a new Expression on your Form, call it Format User FQN. The purpose of this expression is to replace backslash with double backslash:

- Replace (FQN, , )

 

2)

Create a new Parameter, call it Role Users.

 

3)

Execute the following SmartObject and assign the result to a Role Users Parameter:

Management > Users > SmartObjects > User Role Item

- (The SmartObject returns all users in an array format for a given role)

 

After this step, use an advanced condition to determine what should be done if the logged in user is within the role:

- Role Users Parameter contains the Expression Format User FQN

 

 

Reply


View our Community Site Map

Nintex Community Sitemap
Terms & ConditionsCookie settings