This topic is locked

Dynamic Permissions Cascading to Child Tables

6/19/2018 5:15:11 AM
PHPRunner General questions
K
klyle author

With Dynamic Permissions in 9.8, I can enforce "User can Edit Own Data" at the top level, Customer, which is the table where the UserID matches the one in the Users login table, but that setting doesn't Cascade down to Orders or Order Details.
If I give Add and Edit, the user can Add and Edit all the child table records.
I want that the user can only edit within the records that user owns.
How do I set this up?
Thanks!

M
mersintarim 6/19/2018

select this option "user can see other userdata; can edit their own data only" on security divison

K
klyle author 6/19/2018

Thanks!
Yeah, obviously. I have been around since version 3 or so, so I understand the basics. My memory is that this has always worked.
However, it's not working. The TOP Level (Customer) records are protected, but the user is able to edit ALL of the child (call therm Orders and Order Details) records.
And I am using Dynamic Security, leaving most of my users in the Group <Default>.
I do notice some oddities with using Access as my database on my development machine. I have to reset the rights of the <Default> group every build.
I will try uploading to MySQL on my server later.
Any more ideas or detailed implementation steps.
Best,

K

lefty 6/20/2018



Thanks!
Yeah, obviously. I have been around since version 3 or so, so I understand the basics. My memory is that this has always worked.
However, it's not working. The TOP Level (Customer) records are protected, but the user is able to edit ALL of the child (call therm Orders and Order Details) records.
And I am using Dynamic Security, leaving most of my users in the Group <Default>.
I do notice some oddities with using Access as my database on my development machine. I have to reset the rights of the <Default> group every build.
I will try uploading to MySQL on my server later.
Any more ideas or detailed implementation steps.
Best,

K


Update:

Looked at this a few times. If each user has an id then use userID as security , and also have userID in the orders table when they generate an order . Then setup security on the orders table only not the customers table unless they are assigned to certain customers in which you need to do both , then set advanced security on the orders table to see , either can see all records but edit their own or can just see all records and edit their own records.