Is there a way to remove all the disabled users from all the groups those users belong to ?
Related
Restriction Groups are only for Customers and Vendors ! Not for Business Accounts ! I want to give access of Business Accounts and Contacts to specific users (Account Managers) who are External Sales Representatives !
On access to Business Accounts in Customer Management, the user is able to view and insert all Business Accounts and Contacts in the All Records Tab. Is it Customization the only solution ??
The requested behavior can not be achieved without a customization. Let me suggest to submit a support case or a customization request for Acumatica to look into the possibility to customize Business Accounts and Contacts to add support for restriction groups.
there is a way that i have done it, you can create a duplicate screen of the default generic inquiries for Contacts,Business account, customers and thru user access role grant access to the desired screens with desired permissions and filter does screens by workgroups or owners of the accounts.
I want to create a "global" group, which I can use to grant access to different site collections.
I.e.: I can give readers rights to collections 1 and 3 and no rights to collection 2.
Is it somehow possible?
I tried to create the group in CA, but I can't see it in the groups management.
You can not create such groups as SharePoint groups have site collection scope. When your create the same group (with the same name) in two site collections they are still different (have different IDs). Only AD groups can be used across several different site collections.
Hi i have a group system and i'd like to add some security to it.
Users can belong to multiple groups and id like to know the best way to authorize people to see the groups only if they are in it. If they aren't i want to redirect them to a another page, which is different according to the group.
For now i created a service but i have to use it in every controller...
I've heard of multiple things but not sure if they are appropriate for my situation.
Thanks for your help
There are several different ways to do this depending on the approach/complexity. Here are a few:
1) Use Symfony ACLS. When a user is added to a particular group, you can use the symfony ACL system to grant them view access to that group, and then later check isGranted() against that group to see if they have view permissions.
2) Create a custom voter
http://symfony.com/doc/current/cookbook/security/voters.html#creating-a-custom-voter
3) If the number of groups is limited in number, you could even use Doctrine query filters to automatically add a where clause to all queries where the group_id is in a list of allowed groups for that user. You can bypass this for all admin users. http://doctrine-orm.readthedocs.org/en/latest/reference/filters.html
What I need is:
Administrator-level-1 (Can edit all simple users and administrators of level 2 and 3)
Administrator-level-2 (Can edit all simple users and administrators of level 3)
Administrator-level-3 (even less permissions)
By saying edit I mean change password at least. Tried to experiment with roles, permissions, Organization hierarchy etc. Is this possible?
You could create an Organization for each level and then can create a single Organization Role with the following permissions:
User / Update
Organization / Manage Users
Organization / View
Once that is done you assign the level admins to this role on the corresponding organizations.
I am editing user security and am trying to give a user access to an e.List item. I select the user using the [...] button and successfully find that user by searching in our AD domain.
After I select the user and press OK, that user does not come into the CAC, just this error The filter will only accept groups and roles. Users will not be added to the filter. I don't see any filters here at all.
Have you seen this before and is it possible to set up security by users?
Thank you,
WE
Answer from ericlfg on http://www.cognoise.com/community/index.php/board,15.0.html:
Hi William,
The message you are receiving is by design. In order to add a specific user, rather than a group or role, that use needs to be a member of some kind of hierarchy in your security provider.
Ex: If you're using cognos groups and roles with a Role called "Test". You would populate this test role with members from your namespace. In the CAC, you would then select the Test group when you click on the elipsis and then that will allow you to select your individual user (or alternatively the Test role).
The same would be true if you're trying to add members directly from your 3rd party authentication provider. The individual users need to be part of a roll-up role or group in order to add that roll-up role or group to the filter. Once added to the filter you can select the individual users.
Hope this helps.