The Forums on slxdeveloper.com are now retired. The forum archive will remain available for the time being. Thank you for your participation on slxdeveloper.com!
|
|
User Security Query
Posted: 21 Nov 06 11:29 AM
|
fiogf49gjkf0d Hello,
Is it possible to write a query to find who has access to delete an opportunity?
Or is there a way to quickly find this out? As opposed to going through each of the 400 users in the Administrator?
Thank you,
Justin Kuehlthau |
|
|
|
Re: User Security Query
Posted: 21 Nov 06 12:28 PM
|
fiogf49gjkf0d Is this running in the client? You can use GetMenuSecurity. To test if the currently logged in user can delete opportunities you'd use something like this (I think)
Application.BasicFunctions.GetMenuSecurity("EditDeleteOpportunity")
Again, I think...?...I didn't test that.
Is that what you are after? |
|
|
|
Re: User Security Query
Posted: 21 Nov 06 12:36 PM
|
fiogf49gjkf0d I would venture to make a guess.. that unless you have changed the standard security modle then everyone who has access to the opporuntity can delete it |
|
|
|
Re: User Security Query
Posted: 21 Nov 06 1:00 PM
|
fiogf49gjkf0d No one should have access to delete opportunities. I want a query or a quick way to see if any user in the database can delete opportunities. |
|
|
|
Re: User Security Query
Posted: 21 Nov 06 1:17 PM
|
fiogf49gjkf0d Justin,
the question is really Did you set the security for the edit/delete options of opporuntities when you setup the user in the Administrator..?
The default out of the box security allows them to delete.. Unless you have changed it then everyone who can see the opporuntity can. Did you change the user profiles when you set them up..? |
|
|
|
Re: User Security Query
Posted: 21 Nov 06 1:41 PM
|
fiogf49gjkf0d I did not set the security for anyone.
This database already had 400 users in it when I got control. I have no idea what the users were set up with.
I would rather not hit the next button on 400 users to see if anyone has the ability to delete opportunities.
I could just copy a users profile who can not delete over the rest, but that does not help me to determine if a user is deleting opportunities or if something else is.
Thank you,
Justin K. |
|
|
|
Re: User Security Query
Posted: 21 Nov 06 3:01 PM
|
fiogf49gjkf0d Ah. I see what you're getting at. Unfortunately I can't think of an easy way to do that. My guess is that the info you need is all contained in the BLOB on the USERSECURITY table. |
|
|
|
Re: User Security Query
Posted: 22 Nov 06 1:48 PM
|
fiogf49gjkf0d I think that you can stream out the contents of the UserSecurity.Security field and parse through it to find out who has security to delete opps. There is a string in the file which will say something like SecurityGroupsgOpportunityEntityTypeatPermissionsRightsDefsrdAddrdEditrdDelete. (rdAddrdEdit will only be in there if user can add opps).
I made a vb app to do it but it's not pretty lol! |
|
|
|
Re: User Security Query
Posted: 22 Nov 06 4:03 PM
|
fiogf49gjkf0d Electrician from http://www.jh3.com/software/electrician.htm should be able to decode the BLOB. That or using Administrator's Execute SQL could do the trick.
I'm just guessing here, but doesn't this mean that you would have to stream out 400 blobs and compare them? I highly doubt the information for all 400 users is stored in one blob. If this is the case, Electrician and Administrator would have a hard time. Your best bet, if this were true, would be to use an existing app or develop your own to stream the BLOB out and compare the results. That alone could take more time than comparing all 400 users manually. |
|
|
|
Re: User Security Query
Posted: 23 Nov 06 2:15 PM
|
fiogf49gjkf0d Yeah, they are all in different blobs. My script just streams out the blob to a text file, serches for the string and if found appends to a log and then moves on to the next. Not too bad.
Ryan wrote a nice article about reading from the blob's http://www.slxdeveloper.com/page.aspx?action=viewarticle&articleid=62 that helped. Luckily with the security field it's pretty easy to compare the results with what you see in administrator to figure out which section handles what. |
|
|
|