I am trying to implement the following process in APEX.
The following is the case:
A student creates a form, here the responsible first and second supervisor for the thesis can be selected.
When the form is submitted, the responsible first and second supervisors only see the final papers which are assigned to them .
They can click on a final paper to edit it.
When they click edit, they see the student's created form, but can only edit the fields that are tied to their roles.
I created an interactive report page for the primary supervisor. Here he can see all final papers assigned to him which are listed in an interactive report.
I then linked the thesis ID to the student's created thesis form.
I created some fields and used an authorization scheme so that only the first supervisor can see and edit these fields.
I am not sure if this is the common procedure in apex or if there is not a better way to implement it.
The general idea is that different users can gradually edit and add things to the form.
There is no "correct" answer to this question.
It sounds like you have multiple users with different roles in your application and they're allowed to do different things. It sounds like you have a Student role and a Supervisor role already. (Don't forget to consider that a user may have both roles, depending on their situation. I may be a Student for my thesis, but a Supervisor for someone else's.)
You want an input form for the Student and a review form for the Supervisor and the fields will largely overlap. You could use one Apex page for each, or a single page that changes depending on the mode it's used in. You also need a way to tell the page that it's being operated in one mode vs the other. Personally, I go for the second approach when it's feasible.
This means you will use the Read Only attribute for the different page items depending on whether the user is a Student or Supervisor. You may also want to use the Server Side Condition attribute to remove some page items or regions entirely.
For example, the Student may enter a Title attribute so that needs to be read-write, but the Supervisor only needs to see it, so that will be read only. The supervisor will need Approve and Reject options, but the Student should not see those at all.
Related
Background
Each Dataverse table contains a primary name column. When displayed in a subgrid, clicking on the primary name column will navigate to the form so that the user can edit that row. Most subgrids in my application work this way.
The Problem
I have a Course form with a list of participants displayed in a subgrid. The subgrid displays each student's name (as a link) and the grade received in the course. There is no appropriate primary name column for this Participant table. To edit the participant record, the user must select the row in the subgrid, then click the subgrid's Edit button. As a result, this UI is different from all other subgrids in the application and I know that user's will click the student name to try to edit the participant record and be confused when they are presented with the student record.
Am I missing something? Is there a better way to handle this?
It's a common problem I face quite often. Here is usually what I would do.
Make sure the Primary Name Column always contains relevant information to the user to be able to quickly identify a record. Sometimes it requires copying information from one or multiple other columns into the primary column.
In your case that would probably means concatenating the student's name and grade.
How to do that?
Common to all solutions below
Use one of the following solution to copy the content of one or several fields into the primary column.
Make sure the solution you select also updates the content of the primary name column when one of the copied field is updated.
Remove or hide the primary column from the form, the name of the record will be displayed at the top of the form anyway and you probably don't want users to play with it.
Display the primary name column in every subgrid.
I would recommend not adding the fields copied into the primary column in the subgrids to avoid confusion.
Solution 1 - Classic Workflow
Create a classic workflow that runs when a record is created / updated
Pros:
Very quick to put in place
Runs synchronously (users will see the name updated in real-time)
Cons:
Not very practical if you need to add business logic (using different fields as source depending on a certain condition for example)
Solution 2 - Power Automate
Create a Flow that runs when a record is created / updated
Pros:
You can implement complex business logic in your Flow
Cons:
Runs asynchronously (users will have to refresh the page after the creation of a record to see the record's name)
According to Power Automate licensing that flow would certainly be considered as an "enterprise flow" and you are supposed to pay 100$ / month. That specific point must be taken with a grain of salt. I had several discussions with Microsoft about it and they haven't given me a clear answer about what would be considered an enterprise flow.
Solution 3 - Plugin
Create a plugin that executes when a record is created / updated
Pros:
You can implement very complex business logic in your Flow
It can run synchronously
Cons:
Pro-code (I put it as a con since Model-Driven App is a low-code / no-code approach but there is nothing wrong about pro-code per say)
Developing a new plugin for each entity where you need this logic is kind of overkill in my opinion. I would consider developing something very generic that would only require some sort of configuration when the logic needs to be applied to a new table.
I need to apply a filter in some report for some users.
I was told that the best way to do this is a security filter but i discovered that security filters are applied to all the reports that the user open.
I need some kind o filter that filter an attribute on a user but just on some reports, not all.
example:
if report1{
if user1 then attribute = 1
if user2 then attribute = 2
}
let's say i have departments and chiefs of those departments.
It is not a matter of security but a matter of comfort.
I want to avoid the chief of a department to manually select (prompt) his department.
It would be more comfortable if the system would recognize the user and show the data of his interest.
There a different ways to solve this kind of scenario, depending on the level of flexibility you want to offer to your user and the effort you need to implement and maintain the solution.
The User Login way
No flexibility, low maintenance, more effort to implement
Use the User Login prompt. This is a system prompt (created by default MicroStrategy) that returns the user login. If you have a table with the data that a user can see like this:
UserLogin YourAttribute
user1 attribute1
user2 attribute2
user3 attribute3
... ...
You can create an attribute UserLogin to be parent of the Attribute you want to use as filter and then create a filter (User Login = User Login System prompt)that you will put in your report.
More detailed information can be found here.
Once implemented this solution will you need to maintain that new table and when the user run a report with that filter it will be able to see only his data. It's similar to a security filter, but now you can decide where to apply the filter.
Multiple reports for multiple prompt defaults
Flexibility, high maintenance, little effort to implement
For each user create a copy of that report with the proper answer as default.
Maybe you can create ten reports now, but if you need to modify that report tomorrow you will need to modify ten report or recreate again all copies with different prompt answers.
Anyway this is good for the users, because they can change the prompt answers if they need.
Using URL to answer prompts
Flexibility, low maintenance, variable effort to implement
Instead to run the report using MicroStrategy you can provide to each user a specific URL that, using MicroStrategy URLAPI, answer automatically the prompt.
Of course you need to prepare the URLs in advance or find a way to do it programmatically. This is a good solution if the user don't want to navigate the MicroStrategy web interface but just run the report.
Subscribe the prompt answers
Flexibility, low maintenance, medium effort to implement
Have the report with the proper prompt answer delivered to your user every morning (or when you want). Using MicroStrategy Distribution Services you can deliver a report or document to your user and for each user you can specify the correct prompt answers.
No user can receive the full report in their mail box or just a link to their history link, opening that link they will see the report with their data. Of course users (or probably you) will need to setup all the subscriptions required.
Final thoughts
In these case I prefer to leave flexibility to users and teach them how to use the product. Of course there are some people they have no time for this kind of things (usually C something levels), in that case the best this is to have the data delivered to their email.
I understand some of these options are not that straight forward to implement if you are new to MicroStrategy.
My suggestion: for now go with the subscriptions (if you can) or teach your users how to save their own copy of that report (in My Reports) with the prompt already answered (oh, yes, this was another option, but each user has to do it), every time they will open it now, the prompt won't show up (but if you change the original report they will need to do it again).
Let me know if you need more details.
I'm creating a web app for my client as a part of my schools final project.
It's a web app where users fill forms (surveys) and after forms are submitted,
values are saved in the database.
There are three types of users: admins, moderators and viewers. Admin's can see the
overview of filled forms, moderators will fill these forms and they also can make edits
to them and get the overview of the forms they've filled. We haven't discussed about the rights of viewers
at this point.
I'm using CodeIgniter as a framework of my project since it comes pretty handy when it comes to database
manipulation and forms. What would be the best way to implement this kind of situation? There are apprx.
4-5 forms (surveys) each moderator will fill. After they've filled them, they only can make edits to that particular form.
So one user can fill each form only once.
I've designed that each of the forms needs one table. So if there is a form (survey) about IT equipment, I will create
a table for IT equipment. User's id number will be saved in to the last column in the table, usually called "user_ID" where I can
make queries based on users and check if user is already filled the particular form.
What about controllers and models? I've thought I could only make one model for inserting and editing the form.
However, is it pretty much the only way to create a controller or method foreach form since there are different types
of form fields to validate based on the form user is actually filling. I've already created a controller for inserting and updating
the IT equipment form and both of these methods are pretty big when it comes to the amount of code, over 200 lines per method.
So that would be a total amount of 2000 lines of code just for inserting and editing all the forms.
What'd you do and how you'd implement this if dealing with similiar kind of project?
Thanks in advance for all the ideas and point of views!
You should take a look into this:
http://cibonfire.com/
It's a really good addon for codeigniter, that allows you to data oriented development.
I'm an old CFML developer, new to CF on Wheels and MVC programming in general. I'm picking it up pretty quickly, but one thing that isn't evident to me is how one can offer a form to optionally update multiple db table records (models). I'd specifically like to set up a tabbed form for User info and User Profile info, where the former is required and the latter is not. This data is stored in two different one-to-one tables. What's the setup I need in order to call two "new" or "edit" views, run 2 "create" or "update" procedures, affecting two different tables. Or am I thinking about this all wrong.
Update: Adding some more info on what I'm trying to do. To keep it simple, I'll stick to 2 tabs and 2 tables, though I'm really looking at at least 3 in this instance.
So I've got a Users table and a UserProfiles table, and I've got models named User.cfc and UserProfile.cfc that are related 1-to-1, with UserProfile dependent on User. Pretty standard stuff. For each I've got controllers: Users.cfc and UserProfiles.cfc, each of those containing actions. add, edit, create, update, doing the obvious stuff (add and edit display forms). I have partials that display the add/edit form fields for each, so that's already prepared. Now, I want to create what is effectively a single add/edit form that can update both tables at the same time. The tabs don't really matter; effectively it could all be on one page.
So conceptually I'm doing something like:
#startFormTag(action=???)#
#includePartial("form_user_add-edit")#
#includePartial("form_userprofile_add-edit")#
<button type="submit" class="btn">#operation#</button>
#endFormTag()#
Do I need to create a separate controller action that basically combines the create and update actions for two different controllers?
Thanks in advance from a pleased and eager CFWheels newbie...
Brian
If all of the data is related through hasMany or hasOne associations, I'd recommend looking at nested properties.
http://cfwheels.org/docs/1-1/chapter/nested-properties
If you're a newbie though, you may want to refrain from this until you've got something simpler worked out.
I guess you are talking about two models representing these two tables, possibly associated using hasOne. Models allow you to validate data, this makes controller much simpler. This way you could create two forms under two tabs, and keep record's primary key as hidden field. Controller could run the validation and re-display the forms (partials may help)... Hold on, I am just going through the reference.
I realize this answer is pretty generic, as well as your question. I suggest you to go ahead and try something, see how it works.
After that update your question with code samples and ask if you have some specific problems. For example, validation and displaying errors in CFWheels may be a bit tricky.
Hi Sitepoint wizard people,
Say we have an admin application that has multiple users and various objects. What I'd like to do is control access within the object itself - that is, it will behave one way for one type of user, and another way for other users. For example...
Director Mike can override Reception user Sally's registration date. One would assume that Mike could set any date both in the past or in the future. Then we have Payroll user Steve who can also modify Sally's registration date, but only for dates in the past up until (for example) one year ago. To spice things up, then we have the HR Manager Mary who can also amend Sally's registration date, but only for dates from precisely 23rd June 2007 up until one month from now...
How can I program the access restrictions so that on the front end, the form control is restricted with a min and max date, and in the backend, the validator checks the entered date to make sure it falls between those dates? I'd obviously need to be able to tweak the min and max dates for each user type. Other objects might have different parameters - maximum amount on a discount field or days of the week for overtime, for example.
I've asked this question in different ways, but each time I get bogged down by the implementation. I'm currently developing it as a php/MySQL web-based application, but thoughts and comments from other platforms very welcome! This time I'm looking at first principles, so it doesn't matter what your background is, if you have any ideas, please let me know! What do you even call this type of access control...?
Depending of how you application is based, you could ask for credentials at the start of the application and depending on who is requiring access, you could load a different xml file containing different settings.
As for security issue, make sure that the different xml files can't be reached by the users.
Edit:
Since you are using MySQL you could do something like this.
Let's say you have a table of users that has those fields : UserId, UserName, RestrictionId.
And with a Restriction table that looks like : RestrictionId, FieldName, FieldCondition.
This way, in your php app, when a user is authenticated, you can go fetch the correct "Restrictions" on the field and apply them in your code. If it happens that you have multiple fields that require different rules then you can simply add them with the correct RestrictionId.
This DB design is far from perfect, I'm pretty sure you can do better
Since, you are already using MySql db. You can maintain the UserRole Master table details in DB itself. Load the user role data based on login, then you can easily validate the changes made by the user accordingly.