LSF9/LS/ESS

 7 Replies
 0 Subscribed to this topic
 15 Subscribed to this forum
Sort:
Author
Messages
Jimmy Chiu
Veteran Member
Posts: 641
Veteran Member
    I am creating a new ESS security class since the lawson delivered ESS templates don't work. I have assigned the rules according to the Employee Self-Service Technical documentation. I keep getting this error when I do a pay check inquiry and here is the log from fiddler:

    Caused by: com.lawson.lawsec.author.runtime.LawsonSecurityException:Exception while checking security on token EMPLOYEE for user . Message: org.mozilla.javascript.WrappedException: Wrapped com.lawson.lawsec.RulesEngine.LawsonJavaScriptException:Got exception while intializing class JSRMFactory.isIdParentInStruct. Message: {1}. (#1)
    Stack Trace : org.mozilla.javascript.WrappedException: Wrapped com.lawson.lawsec.RulesEngine.LawsonJavaScriptException:Got exception while intializing class JSRMFactory.isIdParentInStruct. Message: {1}. (#1)

    Any idea?

    MattD
    Veteran Member
    Posts: 94
    Veteran Member
      Can you post the rule you are using?
      Jimmy Chiu
      Veteran Member
      Posts: 641
      Veteran Member
        I created an element group COMPEMP and assigned this rule to the ELG:

        if(user.getCompany()==lztrim(COMPANY)&&user.getEmployeeId()==lztrim(EMPLOYEE)||user.getAttribute('Access')=='Y')
        'ALL_ACCESS,'
        else
        'NO_ACCESS,'

        On my EMPLOYEE file rule is:
        if(isElementGrpAccessible('COMPEMP','I','HR',table.COMPANY,table.EMPLOYEE))
        'ALL_ACCESS,'
        else
        'NO_ACCESS,'

        On my HR11.1 online rule is:
        if(isElementGrpAccessible('COMPEMP','I','HR',form.EMP_COMPANY,form.EMP_EMPLOYEE))
        'ALL_ACCESS,'
        else
        'NO_ACCESS,'
        Jimmy Chiu
        Veteran Member
        Posts: 641
        Veteran Member
          Even without the rules in place/lawsec off, I am still getting the same error.
          MattD
          Veteran Member
          Posts: 94
          Veteran Member
            Did you turn security off in the Security Admin or at the LID command prompt?
            Jimmy Chiu
            Veteran Member
            Posts: 641
            Veteran Member
              In secuirty admin.

              I have narrowed down the problem with conflicts between the ESS security class and the MSS security class.

              With only one class assigned, either ESS or MSS would function without problem.

              When both classes are assigned, it creates the EMPLOYEE tkn error posted above.

              In in ESS secclass EMPLOYEE file has this rule:
              if(isElementGrpAccessible('COMPEMP','I','HR',table.COMPANY,table.EMPLOYEE))
              'ALL_ACCESS,'
              else
              'NO_ACCESS,'
              and the COMPEMP has this rule:
              if(user.getCompany()==lztrim(COMPANY)&&user.getEmployeeId()==lztrim(EMPLOYEE)||user.getAttribute('Access')=='Y')
              'ALL_ACCESS,'
              else
              'NO_ACCESS,'

              In my MSS secclass, employee file has this rule:
              if(user.getCompany()==lztrim(COMPANY)&&user.getEmployeeId()==lztrim(EMPLOYEE)||user.getAttribute('Access')=='Y')
              'ALL_ACCESS,'
              else
              'NO_ACCESS,'

              They both function fine by itself, but once you assign both to a role, it starts to bark out error...

              Any idea?

              MattD
              Veteran Member
              Posts: 94
              Veteran Member
                Here is my rule for the Employee file for employees. We don't utilize MSS at this time.

                if(isElementGrpAccessible('COMPEMP','','HR',lztrim(table.COMPANY),lztrim(table.EMPLOYEE)))
                'ALL_ACCESS,'
                else
                'NO_ACCESS,'

                I have never used the function ("I") before. You don't need to because you are setting the access.

                Hope this helps.
                Jimmy Chiu
                Veteran Member
                Posts: 641
                Veteran Member
                  Found out what the problem was. it's one of the rule in my MSS secclass.

                  I used user.isSupervisorOf(RDId) to gather the employee that the manager has access to. But we don't have a RM structure in place. Thus, the error.
                  I switched to user.isSupervisorOfEmpInHR (we have the HR07/HR11 structure in place), thus, error gone and no more issue.