User Access

From nuBuilderForte
Jump to navigation Jump to search

Back to Documentation

Giving User Access

Once you have created your required Forms, Reports and Procedures you will need to give users access to them.

To do this you need to do 2 things

  1. Create an Access Level.
  2. Add a User.

Creating an Access Level

Home

Choose the Form for this Access Level.

When you log in as a developer the first thing you see is the Home Page.

Each Access Level requires a Home Page, which will be its starting point for Users with this Access Level.

This Home Page should be a Launch Form.

The code for the default User Home Page is nuuserhome (the same as User Home on the Setup Tab).

Code

Lookup code for this Access Level

Description

Description of this Access Level

Forms

Add Forms that will be available to this Access Level.
Click the checkbox to enable the following on this Form for this Access Level.


Action Buttons:

  • Add: This Button will appear on The Browse Form and open a new/blank record in an Edit Form.
  • Print: This Button will appear on The Browse Form and will open a new window displaying an html table that is Formatted, Sorted and Filtered version of the Browse Form
  • Save: Functionality of this button is to commit changes to the selected record.
  • Clone: This Button will appear on the Edit Form and will be hidden until a record has been saved at least once. Functionality of this button is to create a duplicate object with the same fields ready for editing.
  • Delete: Functionality of this button is to delete the currently opened record

Reports

Add Reports that will be available to this Access Level.

Procedures

Add Procedures that will be available to this Access Level.

Adding a User

Name

User's real name

Email

Email address

Language

Select a language with a translation in Translations.

If left blank it will just use the phrases used in nuBuilder (English).

Access Level

Select a previously defined Access Level.

Login Name

nuBuilder Login Name

Password

nuBuilder Login Password

Only used when changing passwords.

Confirm Password

Repeat nuBuilder Login Password


Permissions

In addition to the existing Access Levels that govern access to forms, reports, and procedures, users can be assigned specific "Permissions".

These Permissions are fully customisable, allowing administrators to define their functionality and implementation according to specific needs. The implementation or verification of a permission can be carried out using SQL, JavaScript or PHP, depending on the case.

1. Use case: Restricting Form Access

For instance, if you want only users with the "Configuration" permission to access a certain form, you can easily enforce this without creating a new Access Level for each individual user. (Note that general access to that form must still be given through an Access Level.)

From the Home screen, select 'Permission Items' from the Users drop-down:

Add and create a new item:

Next, assign the permission to a user: open an existing user, choose the "Permission" tab and select the corresponding permission from the lookup.

Finally, add the following line in the "Before Edit" event of the (configuration) form: 

if (!nuUserHasPermission('configuration')) {
   nuDisplayError('Access to Configuration denied');
}

2. Use case: Filtering Records in a Browse Form

Here's another practical example: in a Browse Form, to display certain records only to users with a particular privilege (e.g. a supervisor). The current user will see records where their user ID matches a value in a database column, or if the user has the 'supervisor' privilege, all records will be displayed.

You can achieve this through a SQL query like: 

SELECT * FROM my_table
WHERE '#USER_ID#' = my_table.user_id
   OR FIND_IN_SET('supervisor', '#USER_PERMISSIONS#')
  • #USER_ID# = my_table.user_id: This part ensures that only records where the user ID matches the specified user ID (represented by the hash cookie '#USER_ID#') are included in the result set.
  • User Permissions Matching: FIND_IN_SET('supervisor', '#USER_PERMISSIONS#') checks if the value 'supervisor' is found within the comma-separated list of user permissions (represented by the hash cookie '#USER_PERMISSIONS#'). If true, those records are also included.

3. Use case: Conditional Button Visibility

And for a scenario where a button should only be visible to users with a particular permission (e.g., "hr_form"), you can use the following JavaScript in a form's Custom Code: 

if (!nuUserHasPermission('hr_form')) {
  nuRemove('hr_button_id');
}


Creating Password Policies

Rules for enforcing Password policies can be created by making a Procedure with a Code of nuCheckPasswordPolicy

If a Procedure exists with this Code, it will be used to validate any Password Changes.

Setting a variable called $check to true will allow the changes to be saved.


Here is an Example Procedure... 


  function nuCheckPasswordPolicy() {

	$oldpw = '#old_password#';
	$newpw = '#new_password#';

	$passwordErr = "";

	if ($newpw === $oldpw) {
		$passwordErr .= "The provided New Password cannot be the same as the Current Password!<br>";
	}
	if (strlen($newpw) < 8) {
		$passwordErr .= "Your Password must contain at least 8 Characters!<br>";
	}
	if (!preg_match("#[0-9]+#", $newpw)) {
		$passwordErr .= "Your Password must contain at least 1 Number!<br>";
	}
	if (!preg_match("#[A-Z]+#", $newpw)) {
		$passwordErr .= "Your Password must contain at least 1 Capital Letter!<br>";
	}
	if (!preg_match("#[a-z]+#", $newpw)) {
		$passwordErr .= "Your Password must contain at least 1 Lowercase Letter!<br>";
	}
	if (!preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\|;:"\<\>,\.\?\\\]/', $newpw)) {
		$passwordErr .= "Your Password must contain at least 1 Special Character!<br>";
	}

	if (strlen($passwordErr) > 0) {
		nuDisplayError($passwordErr);
		return false;
	} else {
		return true;
	}
}

$check = nuCheckPasswordPolicy();
Retrieved from "https://wiki.nubuilder.cloud/index.php?title=User_Access&oldid=3833"