custom_security:start
Custom Security Model
In addition to the standard security devices in DreamApps, sometimes you may need implement a highly customized security model while allowing access to pages and menus to users. DreamApps allows you to devise a custom security model by defining a method incorporating the rules based on any number of arbitrary factors. The Custom Security Models are applied user by user. These are the steps:
- Define a method1) that would return an integer local variable named return. It should return a value of 1 if access is allowed. Any other value will disallow access.
- In System Administration→User, Roles, Groups and Limits→User tab, update the field Custom Security Model for the user by selecting the name of the above method.
Here is an example:
method mycoid_security
if role .eq. "User" .and. team .eq. "SSM"
if menu .eq. "*home"
set menu="mycoid_home"
end if
if menu .eq. "mycoid_ssm" .or. menu .eq. "mycoid_settings" .or. option .eq. "SSM" .or. ~
option .eq. "Company Info" .or. option .eq. "Verification" .or. option .eq. "Finance"
str mysql="select count(*) from zxgaccess a,cagroup g where a.zid=g.zid and ~
a.xguser=g.xguser and xtyperes='Menu' and xresource='"+menu+"' and ~
xoption='"+option+"' and zemail='"+#user+"' and g.zactive='1'"
int itemp=#sql(int,mysql)
if itemp > 0
int return=1
else
int return=0
end if
else
int return=1
end if
else
int return=1
end if
end method
1)
Usually to be placed in the appropriate custom resource folder.
/srv/www/htdocs/wiki/data/pages/custom_security/start.txt · Last modified: 2012/09/23 13:55 (external edit)
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
