Deke
|
| Posted: 06/29/2004, 12:39 PM |
|
How do I prevent updates based on current userid and the user who originally created a record. I want to control this myself. How do I do this and what event do I put it in?
Code examples please!!
|
|
|
 |
klwillis
Posts: 428
|
| Posted: 06/29/2004, 1:59 PM |
|
Within the 'BeforeShow' event for a form you could place
code something like this ...
$recordForm->UpdateAllowed =
($recordForm->user_id->GetValue() == CCGetUserID())
_________________
Kevin Willis, VP/CIO
HealthCare Information Technology Specialist
http://www.nexushealthcare.com
"Fast - Convenient - Quality-Care"
Medical Software Consulting Services
Email : klwillis@nexushealthcare.com
Skype : klwillis2006 |
 |
|
Tony Elmiger
|
| Posted: 06/30/2004, 6:52 AM |
|
1. You will need to create a field in the database to record the user_id when a entering a new record. Place a hidden field in your record form for the user_id and in default Value enter
CCGetSession("UserID")
2. Verifying the user id
Here is some sample code from the CCS Help section Creation a Task managment system->Enhancing Application Functions->Step 5
Implement Record Security in After Initialize Event
Your Task Management system is now almost complete, except one possibly important feature- security.
Currently everyone can modify and delete any of the tasks. You may want to limit the access so that only the employee assigned to as task can update their tasks. There are many ways of accomplishing this, and we will examine several of them.
Click on the tasks_maint page in the Project Explorer.
Select Events tab in the Properties window.
Add Custom Code to the After Initialize event of the page as follows:
Once in the Code mode, replace the generated comment:
// Write your own code here.
with the code below:
global $tasks;
global $Redirect;
global $DByourconnectionname;
$current_task = CCGetParam("task_id", "");
if ($current_task != 0 && CCGetUserID() != CCDLookUp("user_id_assign_to", "tasks", "task_id=".
$DBIntranetDB->ToSQL($current_task, ccsInteger), $DBIntranetDB))
{
// $tasks->Visible = false;
// $Redirect = "tasks_list.php";
$tasks->UpdateAllowed = false;
$tasks->DeleteAllowed = false;
}
$task is you form name
user_id_assign_to is the field that stores the Record creator
"tasks", Table that stores the record
"task_id=". Record Identifier
Hope this helps
Tony
|
|
|
|
|
