Prev
Next
Forums Infor / Lawson Platforms S3 Security

Company Level Security

 12 Replies
 0 Subscribed to this topic
 15 Subscribed to this forum
Sort:
Author
Messages
Jay Riddle
New Member Send Private Message
Posts: 0
New Member
3/18/2010 8:04 PM

Using the new Lawson security is there a quick way to setup company level security so only certain users can see a company? 

MattM
Veteran Member Send Private Message
Posts: 82
Veteran Member
3/18/2010 11:17 PM
Create an element rule on COMPANY that states if COMPANY=="company number" then no access else all access and apply it to whichever roles you dont want to have that company.
John Henley
Send Private Message
Posts: 3351
3/18/2010 11:44 PM
There is a new user attribute in RM called "CompanyControl" (I think that's the name) you can use to avoid hard-coding. =
Thanks for using the LawsonGuru.com forums!
John
Jay Riddle
New Member Send Private Message
Posts: 0
New Member
3/19/2010 1:50 PM
We are on 9.0.0.4 so I think we do not have the CompanyControl attribute. Also even with an element rule wouldn't we need to go through every form and add in isElementAccesible(....)??? Going through every form on every security class is what I would like to avoid if possible.
MattM
Veteran Member Send Private Message
Posts: 82
Veteran Member
3/19/2010 2:05 PM
The company and process level elements are different, they use the 700/900 security that LAUA used when defining data level security. If you create a rule on company and assign that security class to a users role, the effect is global. If you wrote an element rule on employee or such, you would have to write the isElement... rule on each token. If you use ESS, be careful of the impacts to a users access to the company they exist in. Hope this helps.
StacyR
Send Private Message
Posts: 5
3/19/2010 4:37 PM

MattM - 

Would you add this to an element or element group?

Jay Riddle
New Member Send Private Message
Posts: 0
New Member
3/23/2010 5:08 PM
We tried both a element and an element group rule and it didn't seem to deny access. Is the rule on a specific type of element group? On a related note: We do not have any employees in the company we are attempting to lock down so we I wouldn't think we will run into ESS/MSS issues.
Mark F. Hardy
Veteran Member Send Private Message
Posts: 45
Veteran Member
3/23/2015 8:36 PM
I did as you said in your post of 03/18/2010 7:44 PM. No luck. Anything else needs to be done? Thanks!
Mark F. Hardy
Veteran Member Send Private Message
Posts: 45
Veteran Member
3/23/2015 8:36 PM
This last post was for John Henley. Thanks.
Jimmy Chiu
Veteran Member Send Private Message
Posts: 641
Veteran Member
3/24/2015 12:03 PM
Add Files to a new secClass Add COMPANY element to the new secClass Add secClass to role Assign role to user if(user.attributeContains('CompanyControl',lztrim(COMPANY))) 'ALL_ACCESS,' else 'NO_ACCESS,' Add value of the company(s) in user RM "CompanyControl" that they should have access to. If they can still access everything, you have another rule overriding the company element.
Mark F. Hardy
Veteran Member Send Private Message
Posts: 45
Veteran Member
4/6/2015 4:30 PM
I just saw this post.  I think I understand what you are saying.  I'll give it a go.  Update to follow.
Greg Moeller
Veteran Member Send Private Message
Posts: 1498
Veteran Member
4/9/2015 9:10 PM
Be careful setting this up for ESS access. I believe that there is the entry in AC00.1 under the 'Security' field. I've heard that you also need these set up in your company control attributes to have ESS work correctly... Not sure why.
LKEN2002
New Member Send Private Message
Posts: 3
New Member
6/6/2016 7:34 PM
I saw this post while trying to do the same thing. I have to secure a company and I tried the group and element and it hasn't secured it. Not sure what else I am missing. Any help would be appreciated.

 

Update:  tried it again with just element this time and it works!!