Block a filter

Hi, I want to know how can I block a user from filtering one field of a table. I have the Resouce table with the field “unit cost” I dont mind them filtering on any other fields, for example :“names” who starts with John … but I dont want them to be able to filter my “unit cost”, because then they would be able to view “SECRET INFORMATION”. I do realize I can put some roles, but some user are able to see the resource card, but I dont want them to see this field … How can I do this … PS : I do not also want to create another form either

My first guess would be to place a SETRANGE(“unit cost”); into the OnAfterGetRecord trigger of the form. I would not recommend using the OnTimer trigger, though. The effect of this statement will be to remove all filters from the field whenever records are displayed. How to prevent setting the filter in the first place… well… [?] However, if your real intention is to protect secret information, how about using FILTERGROUP to filter out the protected information? The user won’t be able to remove or override a filter set in a filtergroup other than 0.

Hi Another idea would be to set this field Focusable = No. If you can´t focus a field you can’t set a filter (direct= F7). IMHO that’s enough for most of the ‘normal’ users Another problem is Strg + F7. Here I would recommend Heinz’s solution with SETRANGE(“unit cost”); followed by an CurrForm.Update. bye André

Navision standard uses the Focusable propertie of the field on a form. If you set it to “No” you can not filter on that field by slecting it and pressing F7. But… You will be able to filter it by using the table filter menu plus if the field a line form, you can not pass the field using a tab or enter. oh… I see now that Andre wrote the same solution I was going to suggest. Well… let me then say, Andre is right.

[8D]

Thanks to all … But the problem is not solve quit at 100% Putting Focusable = No does help to avoid a filter, Putting FILTERGROUP does work partially … it is because when the user does CTRL+F7 and lets say he enters “unit cost” > 20 … Navision brings him to the first record he finds, but he does not filter the whole record wich is good but still not enough … what to do? what to do?

Hi

quote:


Originally posted by azoghaib
… Putting Focusable = No does help to avoid a filter, …


This is for avoiding filter with F7 [;)]. Why not the hard way: Remove the field from the form. Put some code behind a button and show the unit costs with a message. bye André PS I’m a little confused now. You said: The user is not allowed to set a filter on this field. But what happens if he find this record by scrolling??? PS II I’ve got it! The field is not in the form and you want avoid filters with Ctrl+F7. Right?

Check the FILTERGROUP functionality, and onAfterGetRecord, onAfterGetNewRecord and onNewRecord add the code SETRANGE(“NAMEOFMYFIELD”); It will remove the filters on that field and they won’t be able of setting it up… if you’re also having trouble with fields that should show a value but not allow a lookup while being flowfields an easy way is to set the focusable property to false. Regards,

quote:


Originally posted by azoghaib
it is because when the user does CTRL+F7 and lets say he enters “unit cost” > 20 … Navision brings him to the first record he finds, but he does not filter the whole record wich is good but still not enough …


I have to confess that I’m a bit confused now… SETRANGE(“unit cost”) should throw away the filter immediately. Could you please be more specific about what exactly you are trying to hide and why the aforementioned methods, specifically FILTERGROUP, won’t do the job?

By the way, removing the field from the form won’t help as the user can always look up its value with the “Zoom” function - unless you completely disable this one too…

Hi Perhaps this is a solution: Put it in the OnAfterRecord- Trigger: IF STRPOS(GETFILTERS,'Unit Cost') <> 0 THEN BEGIN CLEAR(Rec); Rec.FIND('-'); CurrForm.UPDATE; END; On my system the user gets an error (if he tries to filter) on Unit Cost and the form will be closed. @Heinz: is Zoom available for every user? bye André

quote:


Originally posted by Andre DDB
@Heinz: is Zoom available for every user?


In our system, with default permissions for the “general public” as set by our NSC, it is. You can turn it off by not enabling System Object ID 5330 in the appropriate role’s access settings. Oh, by the way: You can also disable the table filter function this way by not enabling System Object ID 3220. Didn’t find an entry for F7, though…

quote:


Originally posted by Andre DDB
Hi Perhaps this is a solution: Put it in the OnAfterRecord- Trigger: IF STRPOS(GETFILTERS,'Unit Cost') <> 0 THEN BEGIN CLEAR(Rec); Rec.FIND('-'); CurrForm.UPDATE; END; On my system the user gets an error (if he tries to filter) on Unit Cost and the form will be closed. @Heinz: is Zoom available for every user?


Well… Andre,i’ve to recognize i feel impressed on how people can make things difficult when they want to… 1) IF STRPOS(GETFILTERS,‘Unit Cost’) <> 0 THEN BEGIN Well… i’m still wondering why all that when a simple IF (GETFILTER(“Unit Cost”)<>‘’) THEN BEGIN will do the same… 2) CLEAR(Rec); Rec.FIND(‘-’); That’s the most surprising thing… so you’re clearing Rec (that’s removing all the filters and values on Rec) and then searching the first record in the table… Well… you’re supposed to be trying just to remove the unit cost filter, not all other filters the user is having… and why are you taking the user away from the actual record??? it’s always easier just removing the filter on the desired field with something like SETRANGE(“Unit Cost”); 3)

quote:


On my system the user gets an error (if he tries to filter) on Unit Cost and the form will be closed.


i still don’t understand why taking the user away from the record and less why to take him out of the form. About the zoom… only users with permission for zoom can do it… but it’s nice being able of using the table filter (where you can choose also the fields where you’re going to put a filter without having to have it on the screen). Regards

Hi Alfonso

quote:


Originally posted by apertierra
1) IF STRPOS(GETFILTERS,‘Unit Cost’) <> 0 THEN BEGIN Well… i’m still wondering why all that when a simple IF (GETFILTER(“Unit Cost”)<>‘’) THEN BEGIN will do the same… 2) CLEAR(Rec); Rec.FIND(‘-’); That’s the most surprising thing… so you’re clearing Rec (that’s removing all the filters and values on Rec) and then searching the first record in the table… Well… you’re supposed to be trying just to remove the unit cost filter, not all other filters the user is having… and why are you taking the user away from the actual record??? it’s always easier just removing the filter on the desired field with something like SETRANGE(“Unit Cost”); 3)

quote:


On my system the user gets an error (if he tries to filter) on Unit Cost and the form will be closed.


i still don’t understand why taking the user away from the record and less why to take him out of the form. About the zoom… only users with permission for zoom can do it… but it’s nice being able of using the table filter (where you can choose also the fields where you’re going to put a filter without having to have it on the screen). Regards


At first of all: It took some time till I understand the ‘real’ problem. You can follow that by reading my other postings in this thread. I never noticed this ‘security problem’ in Navision before. IMHO the user shouldn’t have the possibility to filter fields which are hidden for him! So we have to find ways to close this security gap. 1) Where is the problem? As you said … do the same … [;)] 2) If Clear and a Find(‘-’) do the same - so what?- just remove one of them (probably Find(‘-’)) 3) As Andre said with all the other ways the user could see at least one record - my goal was to avoid this. Therefore a Clear (please notice - only if the user call the forbidden filter). I don’t know why Navision wants to close the form - it appears an error “You can’t change the record…”.[?][?] I don’t want to change something - so Navision takes the user out of the form not Me. bye André

Hi All I played with the filters and now I would recommend this: **OnAfterGetRecord()** IF STRPOS(GETFILTERS,'Unit Cost') <> 0 THEN BEGIN SETRANGE("Unit Cost"); Rec.FIND('-'); END; If you use only SETRANGE(“Unit Cost”) the pointer will show the first record - found before changing the filter. So you have to move to another record. Therefore Rec.FIND(’-’). Regarding my postings above: In this case you don’t need to clear the record. All other filters are still ‘alive’. The error which closes the form came from the CurrForm.Update. I still don’t know why. But you don’t need an Update. As Alfonso mentioned you can use both: GetFilter / GetFilters. If you use GetFilters please notice the language problem. If your system language is not English you should take the translation of unit cost. Like in German: ‘Einstandspreis’. I hope this helps. bye André

I still don’t see a reason for finding the record… and in the way you do you’ll have also the problem of the error if not finding an error that will close your form (a IF (Rec.FIND) THEN ; )could solve that error. I don’t know either why you still use the STRPOS on a GETFILTERS when, as you have told on your post is also “language” dependant… or what it’s the same… not as useful if using more than one language on the database… As i tried to tell you on my post i don’t see why to move from the record,as the only purpose he asked for was automatically removing filters on a field… (if there’s no filter on a field you can see at least the same records as if you were having a filter over that field… so what’s the problem on staying on the record… please, explain if you’re having a different reason, as i cannot understand it [:)]… BTW… i love your signature… [:D][:P] Regards,

Hi Alfonso

quote:


Originally posted by apertierra
… so what’s the problem on staying on the record… please, explain if you’re having a different reason, as i cannot understand it [:)]… …


I try to explain it. The question from Andre (the other) was

quote:


… but I dont want them to be able to filter my “unit cost”, because then they would be able to view “SECRET INFORMATION”. … it is because when the user does CTRL+F7 and lets say he enters “unit cost” > 20 … Navision brings him to the first record he finds, but he does not filter the whole record wich is good but still not enough … …


I assume the ‘secret information’ is the data in the field unit cost. When you use only Setrange(“Unit Cost”) the filter is deactivated but the pointer is still on first record found with the filter. Here are some example data: **f1**......**f2**.......**f3** 0001....xx01.....32,50 0002....xx02.....47,50 0003....xx03.....38,50 0004....xx04.....52,50 0005....xx05.....60,50 0006....xx06.....63,50 Now do the following: SetFilter(F3,‘>40,00’); SetRange(F3); No filter is activ - the pointer is on record 0002. You have found the first record with a higher unit cost than 40. Now you can easily filter: Setfilter(F1,‘>0002’); SetFilter(F3,‘>40,00’); SetRange(F3); The pointer will show the next record with a higher unit cost than 40 → record 0004. And so on … If the user is clever enough to learn how to use TableFilter he will also find this way to get information [8D]. You understand now? Regarding my signature: I found it on http://news.google.com/ as a disclaimer. They have changed this into: "The selection and placement of stories on this page were determined automatically by a computer program. " IMHO the first one was much better than the new. bye André

IF (GETFILTER(“Unit Cost”) <> ‘’)then BEGIN SETRANGE(“Unit Cost”); FILTERGROUP(0); Rec.FIND(’-’); END; it works … thank you

quote:


Originally posted by Andre DDB If the user is clever enough to learn how to use TableFilter he will also find this way to get information [8D]. You understand now?


Well… not really… if the user is clever enough he doesn’t need much work for finding those records anyways… go to report item list → filter on the unit cost… go to physical inventory and run a physical inventory calculation (the unit cost will also show)… create purchase lines where the unit cost will also show… there are hundreds of ways for a “clever” user to find the unit cost if he really wants to when having access to the item table… It’s just a matter of how much time it will take you to find it…[:D] Regards,

Hi Alfonso

quote:


Originally posted by apertierra [br … It’s just a matter of how much time it will take you to find it…[:D] …


100% aggree with you. But in this case a simple Find(‘-’) does the job [;)]. To be honest to coding this is for me the wrong way. IMHO it would be better if ‘Secret Information’ is really secret protected by passwords or safes not only by some simple code. btw. Alfonso are you really from Spain? The time stamp of your posts suggest another location. @Andre: Be sure to hide all the things mentioned by Alfonso to keep your secrets or change your unit cost into non secret data. bye André