Search these areas:
Help
Support Forums
Product Info



-Introduction
-DataWeb: What's New
-Creating an Application
-The DataWeb Designer
-Application Management
-Data Tables
-Data Tables
-Views
-Templates
-Components
-Data Analysis
-Members
-Security
-Importing
-Exporting
-FTP
-JavaScript
-Object Model
-Full-Text Search
-Domain and Email Hosting
-HotBlock Modules
-Account Management
-Glossary
-New Responsive UI Module





DataWeb Help
Support Forums
Tutorial
Script Library
Knowledge Base

Home > Support

Support Forum



permissions on nested data region
phil_yastrow asked:
If a user has author privleges, I want to display a nested data region. 

When I change permissions to view on the nested region to author and give members author privleges, it doesn't work.  Members can not see the region.  I also played with permissions on the table itself, to no avail. 

A few quick hints would be appreciated.
 
  rossb (DataWeb) responded:
  I think you've hit on a very subtle security nuance.  Specifically, if you set permssion to view to "Author" on a nested data region, it will only appear if you are the owner of the parent row.

Author means that you may edit records you own.  Thus, if you do not own the parent row, you are not considered an author for it, thus, you do not have Author permission for that row.  The end result is that since you don't have author permission on that row, the nested dataregion won't appear.

I'm not sure what behavior you are looking for, so i can't suggest an appropriate set of security settings.

This is somewhat confusing, so if you need any further clarifications, don't hesitate to ask.


:)ross
 
  brendanx responded:
  You can always use the source editor to add a visible attribute to your nested dataregion.  In that attribute you can execute any script you want to get the exact behavior you desire.

For example:

visible="#User.hasPermission(User.perm_EditOwnedRecords)#"

sounds like it covers what you were hoping for.  It is a little unclear what exactly that assertion means.  'If you can edit records you own, even if you don't own this record...'  The default behavior Ross describes seems more useful when you think about it.  'If you can edit this record...'

Or maybe you really intended:

visible="#User.hasPermission(User.perm_EditOwnedRecords, '/NestedTable')#"

That is, 'If the user may have the ability to edit some records in the nested table, then show it.'

Anyway, only you can determine what you really intend, but you can represent arbitrarily complex relationships in the 'visible' attribute, where Permissions to View or 'displayrole' only applies to smaller set of conditions.
 
  dougl responded:
  DataWeb considers this issue closed.
If you have additional questions or comments about this issue, please open it again.
If you have questions about a different topic please open a new support question.

Thanks,
DataWeb Support
 
  Please Log On
or create your own DataWeb Account.
Affiliate | Partner | Terms of Use | Privacy Policy | Contact Us | Pricing | Bring DataWeb In-House    
DataWeb, 720 North 10th Street, A #145, Renton, Washington 98057 *425-583-5970* Fax 484-770-4706* Email Us