01-21-2020, 03:45 PM
So I added the sql print statement and generally the sql looked correct but I noticed a warning saying security failed on lpc/tenant. This made me wonder if I needed a security rule allowing access on the overall stype. Just wasn't sure as the rules would be stating:
-disallow everything
-all access to the project
-allow all lpc/tenant
-filter to only show lpc tenant that match the user's assigned tenant
This translates to the following rules:
<rule group="builtin" default="deny"/>
<rule group="project" code="linborough_dev" access="allow"/>
<rule group="search_type" code="lpc/tenant" project="linborough_dev" access="allow"/>
<rule column="code" value="@GET(sthpw/login['login', $LOGIN].tenant_code)" search_type="lpc/tenant" op="=" group="search_filter" project="linborough_dev"/>
I didn't expect to have the third statement allowing all on the sType, I had assumed it would conflict with the last statement's filtering
Thanks for your help!
-Dan
-disallow everything
-all access to the project
-allow all lpc/tenant
-filter to only show lpc tenant that match the user's assigned tenant
This translates to the following rules:
<rule group="builtin" default="deny"/>
<rule group="project" code="linborough_dev" access="allow"/>
<rule group="search_type" code="lpc/tenant" project="linborough_dev" access="allow"/>
<rule column="code" value="@GET(sthpw/login['login', $LOGIN].tenant_code)" search_type="lpc/tenant" op="=" group="search_filter" project="linborough_dev"/>
I didn't expect to have the third statement allowing all on the sType, I had assumed it would conflict with the last statement's filtering
Thanks for your help!
-Dan