SalesLogix 7.5 SP3 Security Roles- Part 2 Securing a view from access

In my last post, I briefly went over the new security roles available in the 7.5.3 SalesLogix web client.  In this article I want to discuss how to secure a page and utilize this feature to control what screens a user has access to.

In the Application Architect, when you select a page under the Portal, and look examine the Properties for the specific Page, you will see a new property called “Applied Security”

  SalesLogix SP3 Applied Security Property 

If you select this property you will see a drop down list:

SalesLogix SP3 Applied Security Property Choices

This list comes from a new table called SECUREDACTION.  The list is based on this table, but actually only shows those choices that are standard (It is currently hard coded):

SalesLogix Web SP3 SECUREDACTION table

 When you select a value in the “Applied Security” page only those user that have this Action defined for them in their Security Roles will have access to this page.  If they do not have access they will get the following error when they try to navigate to the page:

SalesLogix Web SP3 Secured Page Error

Note: None of the standard pages have Applied Security set for them (Like Account, Contact, Opportunity, etc.)  If you want to restrict view access to these pages you need to add their appropriate Applied Security role to each page and then set up the user Security Roles in the web client’s administration accordingly. 

Also note: that adding an Applied Security setting to a page only requires a re-deployment, not a re-build.

 

As I said above, the choices in the “Applied Security” list are hard coded to the standard entries in the SECUREDACTION table.  This makes sense if you want to use the default roles like Entities/Account/View or Entities/Contact/View.  But what happens if you have a new custom area you want to control access to?  It does not make sense that you would have to use an existing Role for that.  And you do not need to though it is not real obvious how to add a new one.  Here is how:

 

The first thing you need to do is add your own entry in the SECUREDACTION table.  There is no management interface for this now so you need to insert the row directly in SQL. 

Since I do not know what Sage’s plans are for this area, proceed with caution (but this procedure will work). 

Here is what you need to populate the table with:

  • SECUREDACTIONID – A unique table Key.
  • CREATEUSER, CREATEDATE, MODIFYUSER, MODIFYDATE – Self explanatory
  • NAME – Following the standard naming conventions this should be “Entities/{YOUR ENTITY NAME}/View”
  • Description – Following the standard naming conventions this should be “View a {ENTITY NAME}”
  • Parent – Following the standard naming conventions this should be “Entities/{YOU ENTITY NAME}”

 You can see in the screen shot of the SECUREDACTION table above, that I have added a custom row for a entity called CProject.

Now when you are on your custom page you can not select your new custom choice you entered because the “Applied Security” drop down is currently hard coded, but you can type it in manually.  You want to type in the value you used in the NAME column for your custom row.

Once you type in your custom Applied Security name, you can then go into the web client and under administration you can add your custom role action to users. (In the web client your custom entries are available to be chosen).  When you re-deploy only those users that have a role with your custom role action added to them will have access to navigate to your custom page.

 SalesLogix SP3 Applied Security Custom Entity Action

ABOUT THE AUTHOR

Kris Halsrud

Kris Halsrud is a Senior Analyst / Developer for Customer FX Corporation.

1 Comment

  1. Sonal, you need to define the Feature Security on the OnClick event of the Save button of your new view. Take a look at the Save button Click Action on the standard Account Details quickform to see an example.

    Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

Subscribe To Our Newsletter

Join our mailing list to receive the latest Infor CRM (Saleslogix) and Creatio (bpm'online) news and product updates!

You have Successfully Subscribed!