User Tools

Site Tools



This shows you the differences between two versions of the page.

Link to this comparison view

custom_security:start [2012/09/23 13:55] (current)
Line 1: Line 1:
 +=====Custom Security Model=====
 +In addition to the standard security devices in DreamApps, sometimes you may need implement a highly customized security model while allowing access to pages and menus to users. DreamApps allows you to devise a custom security model by defining a method incorporating the rules based on any number of arbitrary factors. The Custom Security Models are applied user by user. These are the steps:
 +  * Define a method((Usually to be placed in the appropriate custom resource folder.)) that would return an integer local variable named **return**. It should return a value of 1 if access is allowed. Any other value will disallow access.
 +  * In //System Administration->​User,​ Roles, Groups and Limits->​User//​ tab, update the field **Custom Security Model** for the user by selecting the name of the above method.
 +Here is an example:
 +method mycoid_security
 +  if role .eq. "​User"​ .and. team .eq. "​SSM"​
 +    if menu .eq. "​*home"​
 +      set menu="​mycoid_home"​
 +    end if
 +    if menu .eq. "​mycoid_ssm"​ .or. menu .eq. "​mycoid_settings"​ .or. option .eq. "​SSM"​ .or. ~
 +       ​option .eq. "​Company Info" .or. option .eq. "​Verification"​ .or. option .eq. "​Finance" ​
 +      str mysql="​select count(*) from zxgaccess a,cagroup g where a.zid=g.zid and ~
 +                a.xguser=g.xguser and xtyperes='​Menu'​ and xresource='"​+menu+"'​ and ~
 +                xoption='"​+option+"'​ and zemail='"​+#​user+"'​ and g.zactive='​1'"​
 +      int itemp=#​sql(int,​mysql)
 +      if itemp > 0
 +        int return=1
 +      else
 +        int return=0
 +      end if
 +    else
 +      int return=1
 +    end if
 +  else
 +    int return=1
 +  end if
 +end method
/srv/www/htdocs/wiki/data/pages/custom_security/start.txt · Last modified: 2012/09/23 13:55 (external edit)