Welcome to the nuBuilder forums!

Please register and login to view forums and other content only available to registered users.

[Added] New User Permissions Functionality

Information about updates, news, Code Library
Post Reply
admin
Site Admin
Posts: 2781
Joined: Mon Jun 15, 2009 2:23 am
nuBuilder Version: 4.5
Been thanked: 1 time

[Added] New User Permissions Functionality

Unread post by admin »

There is a new enhancement to nuBuilder – the ability to set (single) user permissions with unprecedented flexibility.
In addition to the existing Access Levels that govern access to forms, reports, and procedures, users can now be assigned specific "Permissions."

These Permissions are fully customisable, allowing administrators to define their functionality and implementation according to specific needs.
The implementation or verification of a permission can be carried out using SQL, JavaScript or PHP, depending on the case.

1. Use case

For instance, if you want only users with the "Configuration" permission to access a certain form, you can easily enforce this without creating a new Access Level for each individual user. (Note that general access to that form must still be given through an Access Level)

From the Home screen, select 'Permission Items' from the Users drop-down:

home_add_permission_item.jpg
home_add_permission_item.jpg (23.27 KiB) Viewed 149 times


Add and create a new item:

new_user_permission_item.jpg
new_user_permission_item.jpg (28.78 KiB) Viewed 149 times
Next, assign the permission to a user (open an existing user, chose the tab "Permission" and select the corresponding permission from the lookup.

Finally, add the following line in the "Before Edit" event of a (configuration) form:

Code: Select all

if (!nuUserHasPermission('configuration')) {
   nuDisplayError('Access to Configuration denied');
}


2. Use case

Here's another practical example:
In a Browse Form, to display certain records only to users with a particular privilege (e.g. a supervisor).
The current user will see records where their user ID matches a value in a database column, or if the user has the 'supervisor' privilege, all records will be displayed.

You can achieve this through a SQL query like:

Code: Select all

SELECT * FROM my_table
WHERE '#USER_ID#' = my_table.user_id
   OR FIND_IN_SET('supervisor', '#USER_PERMISSIONS#')
'#USER_ID#' = my_table.user_id: This part ensures that only records where the user ID matches the specified user ID (represented by the Hash Cookie'#USER_ID#') are included in the result set.

User Permissions Matching:

FIND_IN_SET('supervisor', '#USER_PERMISSIONS#'): This condition checks if the value 'supervisor' is found within the comma-separated list of user permissions (represented by the Hash Cookie '#USER_PERMISSIONS#'). If this condition is true, the corresponding records are also included in the result set.

3. Use case

And for a scenario where a button should only be visible to users with a particular permission (e.g., "hr_form"), you can utilise the following JavaScript in a form's Custom Code.

Code: Select all

if (!nuUserHasPermission('hr_form')) {
  nuRemove('hr_button_id');
}
Top
Post Reply

Return to “News & Announcements”