User Tools

Site Tools


Custom Security Model

In addition to the standard security devices in DreamApps, sometimes you may need implement a highly customized security model while allowing access to pages and menus to users. DreamApps allows you to devise a custom security model by defining a method incorporating the rules based on any number of arbitrary factors. The Custom Security Models are applied user by user. These are the steps:

  • Define a method1) that would return an integer local variable named return. It should return a value of 1 if access is allowed. Any other value will disallow access.
  • In System Administration→User, Roles, Groups and Limits→User tab, update the field Custom Security Model for the user by selecting the name of the above method.

Here is an example:

method mycoid_security
  if role .eq. "User" .and. team .eq. "SSM"
    if menu .eq. "*home"
      set menu="mycoid_home"
    end if
    if menu .eq. "mycoid_ssm" .or. menu .eq. "mycoid_settings" .or. option .eq. "SSM" .or. ~
       option .eq. "Company Info" .or. option .eq. "Verification" .or. option .eq. "Finance" 

      str mysql="select count(*) from zxgaccess a,cagroup g where a.zid=g.zid and ~
                a.xguser=g.xguser and xtyperes='Menu' and xresource='"+menu+"' and ~
                xoption='"+option+"' and zemail='"+#user+"' and g.zactive='1'"
      int itemp=#sql(int,mysql)
      if itemp > 0
        int return=1
        int return=0
      end if
      int return=1
    end if
    int return=1
  end if
end method

Usually to be placed in the appropriate custom resource folder.
/srv/www/htdocs/wiki/data/pages/custom_security/start.txt · Last modified: 2012/09/23 13:55 (external edit)