Home | Forums | Contact | Search | Syndication  
 
 [login] [create account]   Monday, November 25, 2024 
 
slxdeveloper.com Community Forums  
   
The Forums on slxdeveloper.com are now retired. The forum archive will remain available for the time being. Thank you for your participation on slxdeveloper.com!
 External Development Forums - Design & Architecture Topics
Forum to discuss designing applications to work with SalesLogix. View the code of conduct for posting guidelines.
Forums RSS Feed


 Back to Forum List | Back to Design & Architecture Topics | New ThreadView:  Search:  
 Author  Thread: How to implement security in Saleslogix?
Rekha
Posts: 72
 
How to implement security in Saleslogix?Your last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 23 Jul 07 3:19 AM
Can anyone please explain how the seccode security works in saleslogix? i want to know all the accounts owned by a particular logged in user, what tables should i look into.. there are many tables linking seccodeid. For example the following query brings all the distinct seccodeid from accounts. how should i map userid to seccodeid?

SELECT DISTINCT S1.SECCODEID
FROM SECCODE S1 INNER JOIN
ACCOUNT A1 ON (S1.SECCODEID=A1.SECCODEID) ORDER BY SECCODEID
GO

if i look into the table relationships, i am able to find that there is parent and child seccodeid and profile id. also there are teams, departments and group level security. If the seccodeid is set to everyone, those records also needs to be linked to currentuserid.

Can anyone explain how this field, account level security be implemented?
[Reply][Quote]
Rekha
Posts: 72
 
Re: How to implement security in Saleslogix?Your last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 23 Jul 07 8:14 AM
I was able to get all the opportunities for admin through this query below:

select distinct opportunityid from opportunity where seccodeid in
(select distinct CHILDSECCODEID from seccodejoins where profileid in
(Select profileid from secrights where accessid ='admin')) and seccodeid in
(select distinct PARENTSECCODEID from seccodejoins where profileid in
(Select distinct profileid from secrights where accessid ='admin')) order by opportunityid

when i checked it with saleslogix client, it showed the exact amount of opportunities (77 rows - in SLX eval db)

but when i tried it with another userid - 'UFFED0000034' it returned 77 rows number of rows. but when i checked in saleslogix client it had only 74 rows..

select distinct opportunityid from opportunity where seccodeid in
(select distinct CHILDSECCODEID from seccodejoins where profileid in
(Select profileid from secrights where accessid ='UFFED0000034')) and seccodeid in
(select distinct PARENTSECCODEID from seccodejoins where profileid in
(Select distinct profileid from secrights where accessid ='UFFED0000034')) order by opportunityid

could anybody please tell me what's wrong in this approach?
[Reply][Quote]
Zeph
Posts: 37
 
Re: How to implement security in Saleslogix?Your last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 24 Jul 07 10:34 AM
I think this would work

SELECT * FROM opportunity WHERE seccodeid IN
(
select defaultseccodeid from USERSECURITY where userid = 'U6UJ9A00003B'
UNION ALL
SELECT parentseccodeid FROM seccodejoins where childseccodeid =
(select defaultseccodeid from USERSECURITY where userid = 'U6UJ9A00003B')
)

I don't think this works with the admin user though because the admin user has access to everything, right?

Your method is pulling the profile for the user (read only, read write etc...) and then pulling all seccodes for that profile. The sec code is the access level for the record. So for a particular user, they can see the record if it belongs to them (record.seccodeid = usersecurity.defaultseccodeid) or if a group that they belong to can see the record (done in the seccodejoins table).

Disclaimer: I don't know this to be true, just what i've observed.
[Reply][Quote]
Mike Spragg
Posts: 1226
Top 10 forum poster: 1226 posts
 
Re: How to implement security in Saleslogix?Your last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 25 Jul 07 1:31 AM
What is it you are actually trying to do ? If you simply want to secure your data - add the column SECCODEID to your table and populate it with user/team and SLX will automatically then add an additional clause to ANY query the user makes to ensure they only get the data they are entitled to.
[Reply][Quote]
 Page 1 of 1 
  You can subscribe to receive a daily forum digest in your user profile. View the site code of conduct for posting guidelines.

   Forum RSS Feed - Subscribe to the forum RSS feed to keep on top of the latest forum activity!
 

 
 slxdeveloper.com is brought to you courtesy of Ryan Farley & Customer FX Corporation.
 This site, and all contents herein, are Copyright © 2024 Customer FX Corporation. The information and opinions expressed here are not endorsed by Sage Software.

code of conduct | Subscribe to the slxdeveloper.com Latest Article RSS feed
   
 
page cache (param): 11/25/2024 5:11:28 PM