Appian Community
Site
Search
Sign In/Register
Site
Search
User
DISCUSS
LEARN
SUCCESS
SUPPORT
Documentation
AppMarket
More
Cancel
I'm looking for ...
State
Not Answered
Replies
36 replies
Subscribers
11 subscribers
Views
12099 views
Users
0 members are here
Share
More
Cancel
Related Discussions
Home
»
Discussions
»
Data and Records
How is everyone handling record security, when requirements require dynamic visi
Chris
over 9 years ago
How is everyone handling record security, when requirements require dynamic visibility? For instance, we require records for an application to be visible for all application administrators and also to the process initiator (initiator should only see the record for the process isntance they have initiated). Sometimes, company divisional views are necessary as well - divisional administrators should only see records for their specific division. With nearly 40 applications in production, we do not want to have 3+ records for each application. Just wondering if anyone has experience with similar situations. Thanks!
OriginalPostID-155229
OriginalPostID-155229
Discussion posts and replies are publicly visible
0
jonathanr67
over 9 years ago
Hi csteward,
Your '2100' parameter error is the same as what we're facing... I logged a similar question a few weeks back, but haven't got any closer to a solution that we're satisfied with:
forum.appian.com/.../e-154122
I've also reached out to some local Appian staff - I'll let you know if we come up with anything - and am keen to hear how you progress.
Regards,
JR
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
Chris
over 9 years ago
Hi JR, no resolution for us yet - but we will be in the same boat as you with the amount of processes contained in Records (we are just starting our conversion to Tempo now and beginning load/scalability testing). The best solution I can see (I've suggested the required enhancement) would be to allow access to entity fields in the 'value' area of the Default Filter - as this wold allow you to implement a little trick of comparing the same entity Value back to the entity Field, use the = operator, and save all of the overhead - with unlimited scalability. However this is not currently possible, so I'm unsure of our direction as well. This is what I would like to do in the Default Filter:
fldID
=
=if(or(loggedinuser() = touser(rf!fldProcessInitiator),doesuserbelongtogroup(loggedinuser(),getgroupnamed("Business Admin Group"))), rf!fldID, -1)
- Chris
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
Chris
over 9 years ago
FYI, Tom Ryan informed me there this type of change is being tracked under AN-60876 - to make record filters expressionable and dynamic. Hopefully they can work that in soon.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
jonathanr67
over 9 years ago
Thanks for the update Chris. That's good news for a Friday =)
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
Chris
over 8 years ago
As an update for anyone intersted, I was able to satisft ALL of my requirements by utilizing a service-backed record with data returned via a!queryEntity(). The function checks for system admin or process admin status (within certain groups) and applies logicalexpression filters accordingly (filtering by loggedinuser() as the initator or approver otherwise). Best part, since you manually handle record searching you can filter queryEntity() data on any field you would like, rather than just the 'title' as standard OOTB records do.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
mikej117
over 8 years ago
Thanks for the update @csteward, we have very similar visibility requirements and are facing the same issues as detailed in this thread.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
<