An existing bill has an approval record, due to normal approval map. With the help of SQL, I updated the value EPApproval.ownerID, and assigned a new approver. Next, I logged in as the user who is associated with the updated owner ID. Finally I can Approve the bill. I wanted to see if it's possible to achieve the same success via ACM Framework. The client has some cases in which an employee delegate must be assigned as the document approver. Currently it isn't possible to edit the approval record via UI.
Probably you are aware of this, but in Acumatica it is possible to approve the following documents:
Those assigned to you.
Those assigned to other users of your workgroup.
Escalated documents assigned to users of workgroups that are at lower levels in the company tree but in the node of your workgroup.
Refer to https://help-2018r1.acumatica.com/(W(2))/Wiki/ShowWiki.aspx?pageid=1fe1afcc-e676-466e-8c3f-cbf64857e32a
Therefore, it might be possible to achieve what you need through the use of workgroups and proper configuration of the Organization Chart.
Unfortunately, Acumatica does not have delegate functionality. You might consider upvoting this entry on the Acumatica Ideas site (as it has already been raised previously): https://feedback.acumatica.com/ideas/ACU-I-2162
Regarding your question on whether it is possible to change the Approver, you should be able to develop this as a Customization. For example you could consider doing a Custom screen (or perhaps customize an existing screen) from where you can add this functionality. You can consider using PXDatabase.Update as well to update the entry (although this shouldn't be used in case you are doing a solution which is to be ISV certified)
Related
In salesforce, we have a scenario, on the trigger of the lead object we are updating some records of Campaign. But the user on the behalf of we are running the trigger does not have edit permissions on the campaign. We are not facing any issue in the update of the campaign because the trigger is running the operation in system mode.
Further, we have applied for the security review and made the changes and added the check of the object isUpdatable() and after it, we are not able to update the campaign due to that check which returns false for isUpdatable().
My questions are, Can we pass the security review without applying that isUpdatable() check? if our process has the business logic to update the campaign/opportunity on the behalf of the user who doesn't have permissions on the campaign/opportunity?
If we can not pass the security review with that check then what could be an alternative for it, where one user who doesn't have permission on campaign/opportunity, performs some operation on lead/contact and we want to update the campaign/opportunity in system mode after that operation?
or is it necessary to provide the permissions of campaign/opportunity to that user?
It's not a coding question as such so it might be closed here. Consider cross-posting to https://salesforce.stackexchange.com/
Generally speaking, your app should be simplifying Salesforce. Adding value by being pre-built, pre-tested use case for this customer and saving clicks for the end user. (let's ignore situations like pulling data from other systems, runinng some crazy Excel file generation that SF can't do easily). With that philosophy - you're supposed to respect the System Administrator's wishes when it comes to security. If admin didn't grant Profile X edit access to field Y - the security review answer is that you should detect it. If you can recover gracefully and continue with your program - cool. If it's critical field - throw an error, force the admin to make conscious decision. Because if you're saving clicks - user would face same problem in normal UI. It's not only "describes", it's also about "without sharing" for example.
There's another layer to it - licensing. In the old days "Marketing User" (to access campaigns) was a separate license, you assigned it by clicking checkbox on User but it had to be purchased. Now it's bit simpler, part of the full user license (I think). But there are still situations where you can't access Opportunities for example (Platform License) or can access only Account, Contact and 10 custom objects (Chatter Plus License or whatever is the new name).
If you abuse system mode to fetch data from objects user is not allowed to see (or save to them) - official answer is that SF loses money because of you. Permission should really be assigned and if needed - license purchased. I'm not a lawyer, I don't know who violates the Master Service Agreement with Salesforce, you or the client that installed the app or both. I'd say read the contracts and see what you can do to protect yourself. If that means your app can't be installed by customers on Essentials/Professional (or it can be installed anywhere but can be used only by full users, not by Platform/Chatter/Community) - well, it is what it is. Decide pros and cons, legal consequences if it gets caught...
They're humans, talk with them. Maybe you'll pass review. Better have a rock solid business case why you need to bypass the check though.
P.S. You know you don't have to do describes anymore? Spring'20 goes live this & next week and "WITH SECURITY ENFORCED" and "stripinaccessiblefields" become generally available :)
P.P.S you really need trigger? Workflow, process builder, flow (yuck) - anything to not have code = not need the isAccessible and if it effectively dies on permissions - it's the client's sysadmin's problem?
We've recently moved off Netsuite as our main CRM, and I've been tasked with disabling it. We still have historic tickets in there that need closing, but I want to disable Netsuite from picking up any new tickets from our support mailbox.
I'm new in this role and have little Netsuite experience. Can anyone tell me how to prevent Netsuite from picking up new support tickets, while allowing us to work on closing the existing tickets? Our new CRM is picking up the new tickets.
I've been googling, but can't find out how to do this. I'm very new to Netsuite, and as soon as I've worked out how to perform the basic admin functions, we're moving away from it. I'm cautious that I need to still allow open tickets to be processed and worked on, so can't just cancel everything down.
Can anyone point me in the correct direction?
Thanks in advance!
There is indeed a forwarder on our support address, forwarding to a unique looking Netsuite address. I've disabled the forward, and also unchecked the Email Case Capture box. This allows us to continue working on already created cases, whilst preventing Netsuite from creating new cases. Problem solved, thanks again Jdg50!
Cases in Netsuite are created either through a form or email capture via forwarding a company address to a Netsuite address.
The Email Case Capture feature at Setup > Company > Enable Features > CRM > Support automatically
converts customer support messages your company receives into organized cases in NetSuite.
Depending on the specific requirements of your business, you can use case capture to create a simple
catch-all support address, or you can create a more sophisticated customer support model by using
Case Profiles.
From: https://docs.oracle.com/cloud/latest/netsuitecs_gs/NSSMG/NSSMG.pdf
Case capture works by forwarding your company’s support email address to a NetSuite-generated
address. You will need to make a note of this when setting up forwarding on your mail server.
Logic dictates that removing/unchecking case capture in this setting will turn off case creation. You may also need to turn off the case forwarding/capture user setup in your exchange, depending on how it was originally setup.
This won't erase existing cases, but it will stop new cases from being created.
I am still a relative newcomer to Expression Engine as a developer and a user. I am faced with the problem that a lot of my knowledge is being passed to me by users who have found ways to accomplish tasks traditionally undertaken by developers (eg product libraries) by using the channels system.
What I wondered was what people's views are on when it is best to advise a client to use this and when not to.
Let me use an example, a client wants a system which had venues where events could take place. The previous developer had chosen to use the membership system for the venues and the channels system for the events and write some custom code to attempt to knit the two together, specifically because there are not enough hooks to accomplish some background automated tasks like looking up the long/lat of the address of a venue when it is created or updated.
I am picking up after someone else's work largely but its not their fault, it was the information they were given as they were also new to the system.
In any other project this would be a master-detail type setup, events belong to venues, i'd probably write 2 custom tables, editors in the admin area via modules and then use regular custom code in the pages to display and act upon the info - this way, I could control what's happening when a user hits submit.
However, the instigating party is a veteran user of Expression Engine and instructed the previous developer in the manner of "oh, just put it all in the channels and then there's this tag and that tag and so on".
So, am I missing the point or am I right that this does not fit the channels system and when should you use channels and when not?
Thanks friends.
This question is very hypothetical and every developer will give you a different answer as it all depends on the requirement and how that EE developer rolls.
Fundamentally ExpressionEngine allows you to approach builds in many ways, none are right and wrong, albeit some are easier, some harder, others just plain daft.
Basically Channels are groups of data "entries" - these can be anything. Using your example, venues could be one channel with fields created relevant to the subject (e.g. location, size, price, etc). And another channel for events with different fields (e.g. date, type, location).
Mostly anything can be slotted into a channel. But member details are best held within the native member functionality (although there is a commercial add-on that holds member data in a channel).
You reference the previous developers approach - this could be because they used a third-party add-on that required the data to be held separately to channels, or a lack of understanding on best approach. Or just because the developer decided to approach it that way! I suspect the last developer then associated a member (venue) to an entry (event) to link the event to the venue. Basic EE functionality allows for related entries which allows you to associate 1 entry with another (e.g. Event -> Venue), or using the excellent Playa add-on, so this approach is really not necessary.
Personally I would always store the data in channels, and people/members in the native membership functionality (e.g. admin, visitors to the site, customers, etc). I'd only build an add-on (utilising it's own tables/data) to store additional information if it was way outside what EE could store.
To answer your practical question (it's stretching the scope of what Stack Overflow questions are supposed be honestly): you should use a channel for Venues and channel for Events, and the Venue field in the Event entry is a "Related Entries" fieldtype linked to the Venues channel. That's the "standard" EE way, and the most similar to a traditional database schema.
Entity has a custom field based on which, some security roles should have access to records of that type and some should not.
Javascript can be used to close form after checking roles. But I'm looking for back end solution that will disabled access to this records in workflows and searches too.
For example, product should viewable by everyone if manufacturer is our company and only by Competitor Products Specialist if other.
You might be able to write a plugin that would automatically share the record with the appropriate Users/Teams. When somebody updates that field, the plugin would run and share/unshare the record according to your business logic.
Disclaimer: I haven't actually tried this before, and there may be performance issues if you have lots of records (and therefore lots of sharing records).
I ended up writing the plugin that works on pre-Retrieve event and modifies retrieve query by adding additinal filter by field.
I'm pretty new to sharepoint-development, so I thought I'd check real quick with the gurus in here.
I've been given the task of building a replacement for the built-in Alert Me feature. The main reason for this is to allow for alerting members of a role with a forms authenticated sharepoint.
This is where you guys come in. I know you can build an immediate Alert Me function by creating list item event receivers.
However, if I wanted to create the summary-feature (daily/weekly notifications) - what would be the best way to go about this?
With very limited knowledge, all I could think of was to create a Windows Service, which checks daily for changes to the lists, and sends notifications accordingly, in one summarized email.
Would I be wrong to assume that this is, if not the best/only way to do it, at least one way of doing it?
And could I use the SPChangeCollection to accumulate the changes?
thanks in advance :)
Don't create windows service: you have SharePoint job for scheduled tasks.
However, I would reconsider the need. SharePoint alerts already offer immediate/daily/weekly alerts. thos member of the role (group?) can perfectly choose the "Alert me" individually. i personnaly would consider otherwise as spam (how do you unsubscribe, then?)