on 04-20-2011 10:12 AM
Hi All,
I need to be able to hide worksets and roles depending upon the user that logs in. I have managed to control iviews and pages using the following code
Hashtable env = new Hashtable();
env.put(
Context.INITIAL_CONTEXT_FACTORY,
IPcdContext.PCD_INITIAL_CONTEXT_FACTORY);
env.put(Context.SECURITY_PRINCIPAL, request.getUser());
env.put(Constants.REQUESTED_ASPECT, PcmConstants.ASPECT_SEMANTICS);
InitialContext iCtx = null;
try {
iCtx = new InitialContext(env);
IiView result = null;
Object currentObject = iCtx.lookup(iViewID);
if (currentObject instanceof IiView) {
result = (IiView)currentObject;
}else{
}
result.putAttribute("com.sap.portal.navigation.Invisible",invisibleValue);
result.save();
} catch (UnsupportedOperationException e) {
e.printStackTrace();
} catch (NamingException e) {
e.printStackTrace();
} catch (ValidationException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
After looking around some more, i thought there must be something similar for worksets and roles as well.
I found the use of IRoleService and IRoleDescriptor. But its only given how to create new roles using these. Can someone help me out on how to access existing roles so that I can set the property dynamically for them?
Hi Malita,
The approach you have followed is not scalable. you should use PCD filter.
Refer to
Please note that you should use PCD filter only when there is no other option. Most of the times you can achieve the same result by tweaking your design.
Also refer to
to understand when you shouldn't be using PCD filter.
Let the community know your exact requirement and the community should be able to suggest the best approach.
Thanks
Prashant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You can use IRoleFactory and IRole.
The code should looks like that:
com.sap.security.api.IRoleFactory roleFactory = com.sap.security.api.UMFactory.getRoleFactory();
try {
com.sap.security.api.IRole role = roleFactory.getRole(roleName);
role.setAttribute(namespace, name, values);
} catch (UMException e) {
}
Read more about setAttribute method at:
http://help.sap.com/javadocs/nw04s/sps09/se/com/sap/security/api/IPrincipalMaint.html#setAttribute(j..., java.lang.String, java.lang.String[])
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
If you want a user to have a role based on access, you can assign the roles in User Admin to user.
I would suggest you look into Role Merging concept before you go too deep in program. You can merge roles and user would have access based on role they are assigned. Check below link.
http://help.sap.com/saphelp_nw04/helpdata/en/53/89503ede925441e10000000a114084/content.htm
Thanks,
VP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Do you have a requirement to programatically handle this ? If not there is an easy eay out through Portal Config.
If the users can be categorised into specific User Groups or you need to determine the access mode via Portal URL Alias -> Set up the Portal Display Master Rule accordingly and assign separate filtered Destops.
You have to set up Desktop & role filtering -
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
81 | |
25 | |
12 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.