AX1500

GetSecurityInfo data lookup

You can use GetSecurityInfo rows in a DataLookup data source to return information about security permissions for Axiom Financial Institutions Suite users, as defined in Security.

The GetSecurityInfo data lookup supports similar query parameters as the GetSecurityInfo function, and can be used as a substitute for this function to improve file performance. (missing or bad snippet)

To create a GetSecurityInfo data lookup, add a [GetSecurityInfo] row to a DataLookup data source and add the appropriate parameter columns. For more information on creating the DataLookup data source, see Creating DataLookup data sources.

GetSecurityInfo parameters

[GetSecurityInfo] rows use the following parameter columns. Within the DataLookup control row, these parameter names must be placed in square brackets—for example, [CodeName]. The parameters can be placed in any order.

(missing or bad snippet)
ParameterDescription

CodeName

Specifies the security property to return. Use one of the following values:

  • FileGroup: Returns information on a user's plan file access filter.
  • TableType: Returns information on a user's table type access filter.
  • Table: Returns information on a user's table access filter.
  • IsSysAdmin: Returns whether a user is a system administrator.
  • PermissionGranted: Returns a user's security permission status.
  • InRole: Returns a user's role assignment status.

For all codes except IsSysAdmin, you must use the SecurityItem parameter to specify which security item to return information about. For example, if you use the code FileGroup, you must use SecurityItem to specify which file group you want to return information about.

SecurityItem

The name of the security item for which to return information. This parameter is required for all code names except IsSysAdmin. The following list details which information to specify for each code:

  • FileGroup: Specify the name of the file group. A file group alias name can also be used.
  • TableType: Specify the name of the table type.
  • Table: Specify the name of the table.
  • PermissionGranted: Specify the code for the permission. See the following table for a list of permission codes.
  • InRole: Specify the name of the role.

UserName

(missing or bad snippet)

LocalizeResult

Optional. Only applies if the code name is FileGroup, TableType, or Table.

Boolean value to determine whether the permission is returned using integer values or by using the permission name in security.

  • If FALSE (default), the function returns "0" to indicate no access, and "1" to indicate full access.
  • If TRUE, the function returns the permission names "No Access" or "Full Access".

If the user's access is filtered, the filter text is returned.

ReturnWriteFilter

Optional. Only applies if the code name is TableType or Table.

Boolean value to determine whether the user's read permissions or the user's write permissions are returned.

  • If FALSE (default), the user's read permissions are returned.
  • If TRUE, the user's write permissions are returned.

By default, a user's read and write permissions are the same unless different write permissions are explicitly defined. So in most cases, returning the read filter returns the user's overall access. However, if you need to return the write access specifically, you can use this parameter to do so.

Domain(missing or bad snippet)

Result

(missing or bad snippet)

IsError

(missing or bad snippet)

When using code PermissionGranted, the SecurityItem parameter must specify the name of the permission to return:

(missing or bad snippet)

Remarks

  • The user's effective permissions are returned, including any access inheritance from a role or admin rights, and subsystem restrictions (if applicable).

  • When using code FileGroup:

    • GetSecurityInfo only returns information on which plan files a user can access within the file group; it does not provide information on what level of access the user has to those files (for example, read only or read/write). Note that if a user has no access plus a filter, then GetSecurityInfo will return no access, even though the filter may be relevant if the user is eligible for permission "elevation" due to a plan file process.

    • Users can be granted different levels of access to different sets of plan files within the same file group. For the purposes of this function, all filters are concatenated with OR to result in the total set of plan files that the user can access at some level. If a subsystem restriction applies, it is concatenated with AND.

  • When using codes Table, TableType, or FileGroup: if the filter uses a filter variable (such as {CurrentUser.LoginName}), the variable is resolved when GetSecurityInfo returns values for a user, and not resolved when GetSecurityInfo returns values for a role.

Example

The following screenshot of a DataLookup data source shows several GetSecurityInfo examples:

For more examples of GetSecurityInfo use, see GetSecurityInfo function. The same examples work for both approaches. To use a function example in a DataLookup data source, you would place the applicable function parameters in the corresponding parameter columns.

See also