How to give the User permission in winform?
For Example
My application is based on retail shops,so the every employee having username and password,the Super Admin(Manager) he needs to give the permission to each user
NOT all employees have the full rights to access all the forms.
In each forms they have to access only selected controls only
for ex. User x have permission only for ADD and Edit only, but not To delete the record.
The User x not suppose enter discount more than 25%
The Super Admin Have the permission to allow access to every employee.
In this I need some logic references
may grateful.
As Somewhere Mentioned above you need a role based architecture.
In your database Of users you should include role column.
At the time of user log in you have to get role of of the user having particular
user name and password and store in some global static variable which can be used throughout
application.
And according to role,set visibility true or false for each form on form load method.
you should develop a Role-Base windows application. This tutorial describe what you need
i hope it helps you
Related
For two of my snowflake user accounts, an icon is showing up on the right that has a popup when I hover over it:
Why is this link showing up for two of my users?
Obviously I'm now confused about what these two "users" are and how they were created:
Are these users really service accounts?
If so, what is a snowflake service account and how does that differ from a user?
How do I designate some user accounts as service accounts and what are the pros/cons of doing so?
I've tried clicking the button and it just takes me to the user account details page and I don't see any "create user" type of language on the account details page.
I've tried to find anything in Snowflake's documentation that indicates a difference between service accounts and user accounts but I only find blog posts about how you need to treat your service accouns with care (and implement password rotation policies, etc).
I can't find anything definitive (yet) about designating users as "service acounts". (The closest thing is this stackoverflow about how service accounts are the same as normal user accounts.
Obviously there is something special about these two user accounts, though, since the snowflake UI is indicating these two users are actually service accounts.
The icon appears when a comment is set for the user. This comment can be set by yourself for a user to determine what is the purpose of it.
You may un/set it using the statements:
alter user user1 set comment='Create New User for Service Account';
alter user user1 unset comment;
More details: https://docs.snowflake.com/en/sql-reference/sql/alter-user.html#alter-user
How can we develop a voting website based on Wordpress where the landing page is login and password protected and logins and passwords are based on a preloaded database of users. The idea is to create a page for employees where they can enter after they provide the individual credentials. It cannot be based on a system where they register - their data should already be in a database.
I am assuming that you do not want different user roles for different users. If that is the case then you will need to create a function in your theme's functions.php file that will check if user is logged in using is_user_logged_in() and if not, redirect them to login page. In order to work around the problem of every user registering on site by themselves, you can create another piece of code that will iterate user details from a csv file, register them and set each user's password.
The reason for this suggestion/approach:
All the users are registered in your WP Users list so your passwords are not easily stolen.
You can assign custom user roles and capabilities later down the line if you wish.
You can do single or bulk addition of user down the line without redoing the same amount of efforts every time you need to add users.
You do not risk breaking the database structure in WP which is decently optimized.
Now do understand that you will need to leverage object caching and work using pre_get_posts to manage the large size of site.
Good Luck!!
I have created an integration profile CORE_AKTANA_DI through which data for objects will be loaded into my Salesforce instance through a third-party user. I have provided "View All" permission for all objects to that profile. However, since this is a global Salesforce org, hence, there is data for other countries as well in this instance.
I want the user with the profile to see only data of France i.e with country "FR". In this case, my only choice is to:
Remove the "View All" permission of the profile from all objects.
Give the user a role such as "FR-Corp".
Create sharing rules for all objects with "Private" OWD and share with this role.
The problem is that since this is an integration profile, I cannot assign a role to the user with this profile. Also, it is not plausible to create sharing rules since there are a lot of objects with private OWD.
Same problem occurs by assigning the user to a public group, i.e a lot of sharing rules need to be created.
In this case, please suggest me the easiest possible options.
Actually, how to solve your issue is dependent on business process you are trying to implement. There are few ways:
sharing by hierarchy: setting proper roles and checking 'grant access using hierarchy'
sharing rules: setting proper sharing rules, owner/criteria based
manual sharing: using button
sharing using apex: using share object of any corresponding object
I think, this document will be useful for you.
I don't think what you say is correct:
"The problem is that since this is an integration profile, I cannot assign
a role to the user with this profile."
In my org we have a few integration connections. Each connection is anchored by a SF user license which has both Role and Profile. You should likely give the integration it's own user license and name the user something like "Integration (Fr)" Set the Roll up with appropriate hierarchy position, permissions and sharing rules and once you've done all the token resets needed set as API login only & password never expires. That should do it unless I'm missing something.
I have enabled Field security on 2 checkboxes I have on a my form.
Checkboxes:
Security Override (checkbox)
Financial Overide (checkbox)
I have created 2 Field Security Profiles (FSP).
Override Control
This FSP will grant assigned users the ability to read, create, update.
Override Read
This FSP will grant assigned users the ability to read.
When I tested Override Read with an assigned user. I was still able to click and changed the checkboxes. It appears as if crm is ignoring the Override Read FSP.
How can I configure the checkboxes to be read only using Field Security Profiles?
I tried testing and debugging the issue with the Field Security Profile for a few hours and decided to take a different approach.
I ended up using javascript, when the page loads it will disable the override checkboxes. The checkboxes will only been enabled if the user has a particular security role.
In case you were testing using account that has System Administrator - that would not work because System Administrator will have an access to any fields if I'm not wrong.
UPD in this case please provide screenshots of fields you've made FL-secured, profiles you've created for fields and screenshot of profiles assigned to a user and at the end screenshot of a form with fields.
I have in my web application a role called "Administrator". Users who have this role should be able to modify the information about the registered users.
I am thinking about displaying a table with the user details such as e-mail, username, and be able to change them but I don't know what should I do if a users comes to the office physically, goes to an admin and asks for a password change (yes they can do that). Should the admin just press a reset button over the row and tell the user to check his e-mail when he arrives home and proceed with the recovery? (reset link for example) Or should the administrator reset the user's password and give him his new password in that very moment? The second approach is preferable as I was asked to do that...
I know that the admin shouldn't be able to see the original password as it should be hashed and unknown.
What are your thoughts about this? How would you implement this functionality? Thanks for your help.
There is no one perfect answer for this question. The question of workflow will always be dependent on the specific use-cases of an application and will depend on the context it is built in.
That being said, you are right about one thing - it is horrible, and I do mean horrible, security breach to let an Admin or any other user view a clear text password for someone else. So that's definitely off the table.
In your case, it seems giving the admin the right to change someone's password is the way to go. If you're worried about how it looks, don't be. Google Apps allows domain administrators to change the password for any email account under that domain.
Finally, I would suggest a small additional safety measure. When an Admin changes another user's password, store the old encrypted password in a column, don't delete it. When the admin set's the new password, shoot out an email to the user saying "Your password was changed by the Administrator, if you did not request for this, please click here". When they click on the link in the email, simply overwrite the new password with their old one.
That way in case an Admin is changing passwords without the user requesting it, you have a recourse for the user and the logs will keep you informed of how many time an admin has had a password reset revoked by the user.