hasPermission()
Every action in ConcourseSuite CRM requires a user permission check. Based on the user's role, various permissions are enabled and disabled.
Use hasPermission(context, "permission name-attribute") to verify that the user has the specified permission before continuing execution of the current action.
- Permissions are generally in the form of "module-feature-action" and are defined in the permissions.xml file.
- The permission check is usually performed first in an Action Class, however multiple checks can be made
- Users should never see an error message that they do not have access to perform the function; the HTML view should hide those things that the user does not have access to
The following Action Class checks to see if the user has access to perform this action...
public String executeCommandSearchForm(ActionContext context) { if (!hasPermission(context, "sales-view")) { return ("PermissionError"); } SystemStatus systemStatus = this.getSystemStatus(context); Connection db = null; try { ... } }
The permission is named "sales" and the attribute is "view" -- as described in Create Install and Upgrade Scripts under the Permission Entry section.
Sign in to add your comment.