Section Access row-level security using a string match for multiple fields
Hi,
We have a pretty simple row-level security/ reduction set up in section access, and have a requirement to expand it that is giving me trouble.
In the example below, this works fine if the 'MANAGERID' field is a single field in our data table. However, now we want to limit access for this user for rows in the data table where that ID value exists in ANY of 5 different fields in the data that may or may not contain that value. I've tried concatenating those 5 fields into a single string with delimiters in the Section Application data table, and then changing the value in Section Access below to '*01234*' or similar, but am having no success.
It's not possible in this way because the section access doesn't support any OR logic and also no search-logic else everything is linked per AND and only explicit listed values will be considered.
This means you need to adjust the data-model by merging all authorization-information into a single field and then listing all wanted values for each user within the section access.
Usually exists all these information already and could be with less efforts loaded and transformed in the needed way, for example by loading the information per crosstable or if they are string-concatenated to split them per subfield() loop or by having any kind of hierarchy like level 1 to level n to apply a while-loop - and with such measures to distribute each explicit value to a separate record within the section access.
Of course more complex scenarios are possible but I suggest to start more simple. Nevertheless here some more background:
It's not possible in this way because the section access doesn't support any OR logic and also no search-logic else everything is linked per AND and only explicit listed values will be considered.
This means you need to adjust the data-model by merging all authorization-information into a single field and then listing all wanted values for each user within the section access.
Usually exists all these information already and could be with less efforts loaded and transformed in the needed way, for example by loading the information per crosstable or if they are string-concatenated to split them per subfield() loop or by having any kind of hierarchy like level 1 to level n to apply a while-loop - and with such measures to distribute each explicit value to a separate record within the section access.
Of course more complex scenarios are possible but I suggest to start more simple. Nevertheless here some more background:
Thanks for confirming and pointing us in the right direction. I was able to accomplish what we needed by setting up the 'Authorization using a Hierarchy', specifically using a horizontal hierarchy from our dataset.
