hide other users From Simplifier UI, but be able to get them from Server Side BO
-
Vasileios ThanasiasHas successfully completed the online course Basics (100)1 year ago #38445
Hello, I’m getting all the users that belong to a group via the command below.
Simplifier.Group.getUsersByGroup(id);
However, this requires the permission for the characteristic: [read] for Users.
When I enable this permission, I can see the list of all Simplifier Users, which we need to hide due to GDPR policy. Is there any way to hide the list of other Simplifier users, while being able to user a command to the BO such as Simplifier.Group.getUsersByGroup(id);
Jennifer HäfnerHas successfully completed the online course Intermediate (200)Has successfully completed the online course Advanced (300)Has successfully completed the online course Basics (100)Has successfully completed the online course Advanced (310)Has successfully completed the online course Advanced (320)Has successfully completed the Intermediate CertificationHas successfully completed the Advanced CertificationJennifer HäfnerHas successfully completed the online course Intermediate (200)Has successfully completed the online course Advanced (300)Has successfully completed the online course Basics (100)Has successfully completed the online course Advanced (310)Has successfully completed the online course Advanced (320)Has successfully completed the Intermediate CertificationHas successfully completed the Advanced Certification1 year ago #38476::Hi Vasileios,
There is currently no way to hide the users in the user list if the logged-in user has the permissions to read all users. I can think of this workaround, but I haven’t actually tested it:
- Remove the permission to read all users –> the user list is not visible in the Simplifier UI. Instead, assign a role or an attribute to the user, like ‘canReadUsers’
- However, the user needs the permission to read themselves and to read and assign roles
- When the user logs in to the application, check inside a Server-Side Business Object (SBO) function if the user has the required role or attribute ‘canReadUsers’
- If yes: use the SBO API to assign a role to the logged-in user which includes the permission to read all users
- Do the logic inside the application that you need to do (e.g., read users of a given group)
- After that, in another SBO function, unassign the role which includes the permission to read all users again from the logged-in user –> the user only has this role to read all users for the necessary task inside the application
Let me know if this works for you.
Vasileios ThanasiasHas successfully completed the online course Basics (100)1 year ago #38486::Hi Jennifer, thanks for the suggestion
Unfortunately, the update operation didn’t work.
var oUpdatedRole = Simplifier.Role.update(role.id, {name: role.roleName, active: true, description: “updated description”, assignedUsers: [oUser.id]});
This gives an error: No Permission for read.
However. if I don’t assign the role to the user, just update it, then it works.
var oUpdatedRole = Simplifier.Role.update(role.id, {name: role.roleName, active: true, description: “updated description”});
If I assign to the user the SF_Administrator, then it works. So I’m not sure which permission is missing.
The user has already SF_AppUser role (can read self) + the custom role below
Jennifer HäfnerHas successfully completed the online course Intermediate (200)Has successfully completed the online course Advanced (300)Has successfully completed the online course Basics (100)Has successfully completed the online course Advanced (310)Has successfully completed the online course Advanced (320)Has successfully completed the Intermediate CertificationHas successfully completed the Advanced Certification1 year ago #38507::Hi Vasileios,
You said that you update the role to assign it to the user. Try to use Simplifier.User.assignRole(userNameOrID, roleID) and Simplifier.User.unassignRole(userNameOrID, roleID) to add/remove a role to a user.
To get the correct roleID, execute Simplifier.Role.getAll() and copy the ID of the respective role.
Vasileios ThanasiasHas successfully completed the online course Basics (100)1 year ago #38509
You must be logged in to reply to this topic.