Is it possible for a user to log on, then select which branch they are at, and depending on what they select they have different permission levels? For example someone could be a manager at one branch but a mere stock counter at another. The problems that I’ve been running into are that the security permissions appear to be set before codeunit 1 is run, also if I don’t have permission to do something then I’m having problems giving myself permission. thanks, Dan.
Hi, Which version of Navision are you using?(I presume it’s version earlier than Attain). Reg. 1, Your problem is addressed in Attain thru’ ‘Security Filter’ option in Permissions. Here you can define access to info. in tables like any other Table Filter. Check it out? Reg. 2, That’s the way it should be and how Navision is working. How can you give something to others/yourself which you don’t possess? The solution to this is that you can give Super Data & Security roles to yourself. Regards
Hi Dan, why not create 2 userids for the same person, each assigned to another company with different permission levels. That way you won’t have to programm anything and you’ll be using the Navision standard (i asume you mean company by branche?) regards.
Hi guys, If only it was that easy! I’m using version 3.10 SQL so the security filter will work but it doesn’t really fit the problem. The Branch is not a separate company but global dimension 1. What the user wants is for someone who is a manager at Petone for example to be able to work for Napier in a lesser role and not see their sensitive information. Actually the problem is starting to go away the more we talk with the client, and it’s easy enough to check security levels in the code if it’s only in a limited number of places. I discovered something interesting when I was playing around. I set up a user with the read and write roles to the GL table. In Codeunit 1 I deleted the GL write role record from the Member Of table, and thestatement “If rec.WRITEPERMISSION…” returned FALSE. But I can still modify GL accounts, unless I log off and log back on. So the WRITEPERMISSION function seems to look at the Navision tables rather than the actual security levels, although I can see why you wouldn’t normally change security on the fly. regards, Dan.
Hi Dan, Sometimes it’s real hard work out there to achieve the desired with Permissions. Just to point that
quote:
If rec.WRITEPERMISSION…" returned FALSE. But I can still modify GL accounts, unless I log off and log back on.
the Roles/Permissions are always applied only when a user logs in again after permissions were given/modified to him. Regards