These examples apply to the Row Authorizations form.
You want to allow all users to see their own user information on the Users form (description, e-mail address, group memberships, etc.) but not any other user's information. To do this, you would set the fields as follows:
| Field | Setting | Notes |
|---|---|---|
| IDO | UserNames | The filter applies only to the UserNames IDO. |
| User | Leave blank so the filter applies to all users. | |
| Group | Leave blank so the filter applies to users in all groups. | |
| Property | Username | the User ID field on the Users form is bound to the UserNames.Username property. (The Usernames.Userid property is only used internally.) |
| (Operator) | = | |
| This Value | Current User |
When you click Add This Clause, the pseudo-SQL query that displays looks like this:
(Username = dbo.UserNameSp())
After you activate and save the filter, any user who logs in (and who has the proper authorizations for the form) can open the Users form but will see only the record that matches their user ID.
You have created some SyteLine logins for your customers, and you want to restrict the customers so they can see only their orders and no other customers' orders.
First, you need to create a custom SQL table that connects the SyteLine user logins to customer numbers. Name the table CustLogin, and include two columns: custuser and custnum. Populate the table with your customer user logins and their associated customer numbers.
| Field | Setting | Notes |
|---|---|---|
| IDO | SLCos | The filter applies only to the SLCos IDO. (You would also create separate filters for the SLCoitems IDO and any other IDOs needed to view the customer information you want to include.) |
| User | Leave blank so the filter applies to all users. You will use the table join to determine who the filter applies to. | |
| Group | Leave blank so the filter applies to users in all groups. | |
| Property | custnum | The Customer field on the Customers form is bound to the SLCos.custnum property. |
| (Operator) | = | |
| This Value | Current User Joined To | Use this setting to specify a table join. |
| This Table | CustLogin | This is your custom table with the mappings between the user ID and the customer number. The table must be in the application database. |
| Where This Column is the Username | custuser | This drop-down list will populate after you specify the table. |
| And This Column has the Value | custnum | This is the value that is compared to the SLCos.custnum property. |
When you click Add This Clause, the pseudo-SQL query that displays looks like this:
(CustNum = ANY (SELECT [cust_num] FROM [CustLogin] WHERE [CustLogin].[username] = dbo.UserNameSp()))
After you activate and save the filter, when a customer user logs into SyteLine and tries to access the SLCos IDO (either through a form or through a web-based call to the IDO), the filter will look up their user ID in the CustLogin table and, if it finds a matching custnum, it will limit the information they can view to records with that customer number.
Each of your salespeople has a SyteLine login. They are allowed to see their own sales opportunities, but you also want them to see any opportunities that do not currently have a salesperson assigned, so they can assign the opportunity to themselves.
Instead of creating a new mapping table, we can take advantage of the existing mapping in the slsman_mst table, which has both a username column and a slsman column.
The filter on SLOpportunities requires two clauses.
| Field | Setting | Notes |
|---|---|---|
| IDO | SLOpportunities | The filter applies only to the SLOpportunities IDO. (You will be ORing another filter clause after this one.) |
| User | Leave blank so the filter applies to all users. You will use the table join to determine who the filter applies to. | |
| Group | Leave blank so the filter applies to users in all groups. | |
| Property | slsman | The Salesperson field on the Opportunities form is bound to the SLOpportunities.slsman property. |
| (Operator) | = | |
| This Value | Current User Joined To | Use this setting to specify a table join. |
| This Table | slsman_mst | This is the existing slsma_mstn table that includes the username (login ID) and slsman (salesperson) mapping. |
| Where This Column is the Username | username | This drop-down list will populate after you specify the table. |
| And This Column has the Value | slsman | This is the value that is compared to the slsman property on the SLOpportunities IDO. |
When you click Add This Clause, the pseuo-SQL query that displays looks like this:
Slsman = ANY (SELECT [slsman] FROM [slsman_mst] WHERE [slsman_mst].[username] = dbo.UserNameSp()))
| Field | Setting | Notes |
|---|---|---|
| IDO | SLOpportunities | The filter applies only to the SLOpportunities IDO. (You will be "OR"ing this filter clause to the previous one.) |
| User | Leave blank so the filter applies to all users. | |
| Group | Leave blank so the filter applies to users in all groups. | |
| Property | slsman | The Salesperson field on the Opportunities form is bound to the SLOpportunities.slsman property. |
| (Operator) | = | |
| This Value | Literal | Compare the property to the literal value in the adjoining field. |
| (Literal) | Leave this field blank, or specify null to indicate a null value. The null will match any opportunities where a salesperson is not defined. | |
| OR instead of AND with previous value | (Selected) | Select this box to indicate an OR |
When you click Add This Clause, the pseudo-SQL query that displays looks like this:
Slsman = ANY (SELECT [slsman] FROM [slsman_mst] WHERE [slsman_mst].[username] = dbo.UserNameSp())) OR (Slsman = null)
After you activate and save the filter, when a salesperson logs into SyteLine and tries to access the Opportunities IDO (either through a form or through a web-based call to the IDO), the filter will look up the login ID in the slsman_mst table and limit the information they can view to records with that customer number. However, the salesperson can also see any Opportunities records where no salesperson is assigned, because of the OR and the second clause above.
Your customer BigCycle (customer number 89765) has 20 employees that are allowed to log into SyteLine through a web portal to check the status of their orders. Instead of setting up a separate IDO filter for each login, you can set up a group called BigCycleLogins and set up all 20 users as members of that group. Then you can create a filter for the group. To do this, you would set the fields as follows:
| Field | Setting | Notes |
|---|---|---|
| IDO | SLCOs | The filter applies only to the SLCos IDO. (In order to for them to view details of the order you would also need to set up a similar filter on the SLCoitems IDO.) |
| User | Leave blank so the filter applies to all users. | |
| Group | BigCycleLogins | The filter applies to all users in this group. |
| Property | CustNum | The property whose value will be compared is SLCos.CustNum. |
| (Operator) | = | |
| This Value | Literal | |
| (Literal> | 89765 | This literal value is compared to the value of the CustNum property. |
When you click Add This Clause, the pseudo-SQL query that displays looks like this:
(CustNum = " 89765")
After you activate and save the filter, any user in the BigCycleLogins group who logs into SyteLine and requests data from the SLCos IDO will only see records where CustNum = 97765.
If you have 10 different customers who have several users each with SyteLine login access, you could create a group for each customer, and then create 10 "group" IDO filters on the SLCOs IDO (one for each customer group).
The following information applies to complex situations, for example, when IDOs are inheriting from each other and each level has its own filters defined. An IDO that extends another IDO inherits all its filters, unless the IDO is using extend-and-replace.
Only filters marked Active will be used for all of the following.
The IDO filter clause is built by ANDing together all or any of these categories:
The clauses for categories 1 and 2 consist of all filters in that category ANDed together; the clause for category 3 consists of the clauses for every group the user is a member of ORed together; the group clauses themselves are all the filters for that group ANDed together.
In other words, a user who is a member of several groups can see all of the data these different groups are allowed to see, but it may be restricted by the user's personal filters (and possibly the general filters, but usually the general filters would not be more restrictive than any of the group filters, because that would defeat their purpose). As an example, an IDO has these active filters:
Everyone:
E1, E2;
User: U1, U2;
Group1: G1-1, G1-2;
Group2: G2-1, G2-2;
The
user who wants to access the IDO is a member of both Group1 and Group2.
Then the constructed filter is set up like this:
(E1 AND E2) AND (U1 AND
U2) AND ((G1-1 AND G1-2) OR (G2-1 AND G2-2))