Murakami Toshihiro
Project Manager
Asked a question 8 months ago

Is it possible to manage visible/invisible value in List depend on user role??


James JohnsonSEMARCHY TEAM
Senior Customer Success Consultant at Semarchy

It is possible to filter the content of lists (references) on a form by applying a filter to a entity for a role in the Model Privilege Grants, or to a business view, or to a picker filter in a stepper. 

This is the ER Diagram for the following scenario
This is the ER Diagram for the following scenario

 

I have created a role 'BusinessUser' .  

I have also created secondary roles for sales region users: NewEngland, MidAtlantic, Midwest, South,  and West  

Then I created users that have User Roles such as "BusinessUser, NewEngland, MidAtlantic" and "BusinessUser, Midwest, South"

Model Privilege Grants Method

When I add the following filter to Model Privilege Grants for the role BusinessUser on the "SalesAgent" entity, the system restricts Sales Agent Data visibility to only the regions in the BusineUser's entire User Role:

FID_SellsInRegion is null  OR SEM_INSTR(:V_USER_ROLES, SellsInRegion.NameOf) > 0  
Model Privilege Grant Filter
Model Privilege Grant Filter

Thus given a business user "Liam" whose roles are "BusinessUser, NewEngland, MidAtlantic"

* Liam can only see Sales Agents that sell into the New England and Mid Atlantic regions

* In any form Reference Control or Browsing list that displays Sales Agents, that control or list will be restricted to only those Sales Agents that sell into the New England and Mid Atlantic regions.

Liam can browse only those Sales Agents who sell in "NewEngland" or "MidAtlantic" Regions
Liam can browse only those Sales Agents who sell in "NewEngland" or "MidAtlantic" Regions
Primary Sales Agents limited to regions Liam can see
Primary Sales Agents limited to regions Liam can see

And given a business user "Noah" whose role is "BusinessUser, Midwest, South"

* Noah can only see Sales Agents that sell into the Midwest and South regions

* In any form Reference Control or Browsing list that displays Sales Agents, that control or list will be restricted to only those Sales Agents that sell into the  Midwest and South regions

Is it possible to manage visible/invisible value in List depend on user role??
Is it possible to manage visible/invisible value in List depend on user role??

Such a filter is universal across the application.  

Note that applying such a filter may restrict the user's ability to manage suggestions as I understand that visibility to an entity must be unrestricted to conduct those operations.

Business View Root Filter Method

You can modify a business view's  root filter to the following:

FID_SellsInRegion is null OR SEM_INSTR(:V_USER_ROLES, SellsInRegion.NameOf) > 0 OR SEM_INSTR(:V_USER_ROLES, 'semarchyAdmin') > 0

This will limit any browsing list to just those regions where a user has a role, or in the case of a semarchyAdmin user, it will show the entire list of sales agents. 

Modify A business view's root filter to restrict the content to only those regions present in a Business User's User Role.
Modify A business view's root filter to restrict the content to only those regions present in a Business User's User Role.

Picker Filter in a Stepper 

Find the stepper associated with the Reference picker that you want to limit.

In the steps section of that Stepper,  select the Form Step for the entity that is associated with the reference you want to filter.

Select the "Reference Selection"  finger tab in the properties section.   (If  the table is empty, click the refresh button at the upper right corner of this section.  The table will then populate with all the references for that entity.)

The Picker Filter for the reference is the cell to adjust

Find a step's reference selection Picker filter 
Find a step's reference selection Picker filter 

Click on the Picker Filter Editor for the reference to be restricted.

Modify the SemQL condition to:

SEM_INSTR(:V_USER_ROLES, Referenced.SellsInRegion.NameOf) > 0 OR SEM_INSTR(:V_USER_ROLES, 'semarchyAdmin') > 0

This will limit the picker (list on the form) to only those regions associated with a business user's User Roles.

Editing the Picker Filter for the reference
Editing the Picker Filter for the reference
The list in the picker is limited to only those Sales Agents that sell into regions associated with this business user's User Roles
The list in the picker is limited to only those Sales Agents that sell into regions associated with this business user's User Roles

Let me know if this does not appropriately address your question. 


Murakami Toshihiro 
Thank you for details solution. I understood It is possible to manage visibility of select list using Entity, instead of List value. This idea is very helpful for us.