Focal Point
[SOLVED]Additional ways to secure visibility of portal page??

This topic can be found at:
https://forums.informationbuilders.com/eve/forums/a/tpc/f/7971057331/m/7617093086

January 21, 2016, 01:28 PM
CoolGuy
[SOLVED]Additional ways to secure visibility of portal page??
Hi all,

So, we are wanting to create a page within one of our portals that should only be visible to a select group of individuals. I know about Security Center and creating a security group that can be tied to external groups of individuals (Active Directory groups). Our thing is we want to be able to add some conditional constraints to that. We want only people that are affiliated with certain stores in our company to be able to see this page/tab. We were able to find a way to lock down content with data source screening filters and SQL out, but we need a similar means to lock down portal pages.

Does anyone on here know of a way we could lock down visibility of a portal page other than with IBI security groups?? Where we could grab a list of stores from a SQL out statement and filter that visibility based off that list?? Js maybe??

Thanks in advance!

This message has been edited. Last edited by: <Emily McAllister>,


8.2.02M (production), 8.2.02M (test), Windows 10, all outputs.
January 21, 2016, 01:51 PM
Squatch
I think you could do this with JavaScript. You could set the visibility of the various things on the page to "hidden", then use JavaScript to make an Ajax call to a fex file.

The fex file could return the store information. And there is a predefined amper variable called "&FOCSECUSER" that holds the user login ID.

The JavaScript can unhide all the things on the page if the retrieved data indicates it should do so.

Disclaimer: I haven't actually attempted something like this yet, but it sounds possible to me.


App Studio
WebFOCUS 8.1.05M
Windows, All Outputs
January 21, 2016, 03:14 PM
CoolGuy
Thanks Squatch. I need a way I can write some Js that grab the page ID and then only make it visible if the FOCSECUSER or IBIMR_user logged in has 1+ stores specified within a set list.

Has anyone figured out a way to grab a page ID & then toggle its visibility before? I wish I knew where the product's underlying code for such lived. I could then glean from that code and create my own logic. Hmm...


8.2.02M (production), 8.2.02M (test), Windows 10, all outputs.
January 21, 2016, 03:46 PM
Squatch
That's easy. In your HTML page, set the "Unique Identifier" (In App Studio, it's in the "Body" section) to some text string. Then under the "Style Attributes - Basic", select "Hidden" for the "Visibility" property.

This is what the HTML BODY tag will look like if I choose "main" for a Unique Identifier:

<BODY style="VISIBILITY: hidden" id=main class=IBI_PageBg>

So using JavaScript or JQuery, you can toggle the HTML Body's visibility on or off and the entire page will appear or disappear.

var e = document.getElementById("main");
e.style.visibility = "visible";

This message has been edited. Last edited by: Squatch,


App Studio
WebFOCUS 8.1.05M
Windows, All Outputs
January 21, 2016, 06:07 PM
CoolGuy
Squatch,

So, the page name in the bread crumbs properties refers to the ID attribute?? Good to know!

Now, the big question is, where do we write our Js?? What file is tied to the portal pages?? Where in the install does it live??

We're almost there! lol

Thanks for your help!!


8.2.02M (production), 8.2.02M (test), Windows 10, all outputs.
January 21, 2016, 07:57 PM
Squatch
Well, I'm only talking about an HTML page made with App Studio (or possibly Dev Studio)... I'm assuming that is what is being placed into a portal. Is that correct?


App Studio
WebFOCUS 8.1.05M
Windows, All Outputs
January 22, 2016, 02:25 AM
SSander
quote:
Originally posted by CoolGuy:
Hi all,

So, we are wanting to create a page within one of our portals that should only be visible to a select group of individuals. I know about Security Center and creating a security group that can be tied to external groups of individuals (Active Directory groups). Our thing is we want to be able to add some conditional constraints to that. We want only people that are affiliated with certain stores in our company to be able to see this page/tab. We were able to find a way to lock down content with data source screening filters and SQL out, but we need a similar means to lock down portal pages.

Does anyone on here know of a way we could lock down visibility of a portal page other than with IBI security groups?? Where we could grab a list of stores from a SQL out statement and filter that visibility based off that list?? Js maybe??

Thanks in advance!

visibility of portal page? But does the page name still stay there?

Like
Page1 | Page 2 | Page3 | Page4

Now you want to hide Page3-s content? Is the content 1 html page/container? or multiple? There are ways with JS for example make "dummy.htm" add it to portal banner area and let that html catch actions you do. For example click page3 then hide something, but its quite hard to do like so.

regards,


Release: WebFOCUS 8104, AppStudio: 8105
OS: Windows
Output: HTML,Excel,Active Reports
January 22, 2016, 08:38 AM
Squatch
I created an HTML page using App Studio. It has a push button and an HTML table in it.

I hid the visibility of the page body, and the button and table disappeared from view in App Studio. Running the HTML page showed a blank window because the page body is hidden.

I then added the two lines of JavaScript I mentioned earlier, so that when the HTML page loads the JavaScript executes and makes the page body visible again. I ran the HTML page again and the button and table appeared.

I then edited a BI portal and inserted the HTML page into a tabbed container. When the portal loads, the container shows the HTML page with the button and table visible. So that means the JavaScript is still executing properly in the HTML page, even though the page is now inside a portal.

So, I think this can work for you. You would just need to add additional JavaScript code to your HTML page that will call on a WebFOCUS fex and return the data needed to make the decision to show the page body contents or not. One way to do that is to have JavaScript call on a fex to read a database table and return the results in XML format. JavaScript/JQuery can then extract the data from the XML results and make the decision to show the page content or not.

You can see an example of how to do this here:

RE:[CLOSED]On click of a button load the data in double list control dynamically

It's a little more elaborate than what you need, but it shows how to make an Ajax call to retrieve data from a fex file. Your code would need to execute at HTML loading time, not by push button. But the example should show you how to do what you need to do.


App Studio
WebFOCUS 8.1.05M
Windows, All Outputs
January 22, 2016, 10:30 AM
MattC
You should be able to do this within the Security Center. I know I tested this out in the early staged of version 8. From what I remember, I created a sub group under that group’s basic users group and set permissions on the page to not inherit the permission of the top level group and only allowed access to that sub group.


WebFOCUS 8.1.05
January 22, 2016, 10:51 AM
Squatch
I think CoolGuy doesn't want to use Security Center because user access in this situation depends on data stored in a database.


App Studio
WebFOCUS 8.1.05M
Windows, All Outputs
January 22, 2016, 11:18 AM
CoolGuy
SSander,

Sorry for not being as clear as needed. My end goal is to have the ability to conditionally choose whether a certain page tab even exists or not. I'm not worried about toggling content on/off on that page. I want the page in its entirety gone...tab and all.

Squatch,

You are the best. Sorry I wasn't clear enough on what I was looking for. I appreciate your help in trying to explain how to make content on a page toggle on and off if desired. What I'm looking for is getting rid of the page tab altogether if certain conditions are present based on the user logged in. I could utilize Security Center to tie a set list of individuals to a subgroup of a domain security group and only list that page for that subgroup, but I was hoping there was a more granular way to secure whether a page (altogether) appears or not. A scenario where I could write code that would control that. Not just a security subgroup through Security Center. So, this would be me having the ability to cause behavior at the portal HTML/Js level, and not just content HTML/Js level.

Thank you though for all your links and help! Much appreciated!

MattC,

That's what we may have to do for now until I can find a way to more granularly control page visiblity. Thanks for your suggestion!

I appreciate everyone's time and input with this inquiry of mine. Hope you all are doing well!


8.2.02M (production), 8.2.02M (test), Windows 10, all outputs.
January 22, 2016, 11:30 AM
Squatch
CoolGuy,

Gotcha. I don't know how to dynamically make a portal tab disappear.

But you could leave the tab there, and instead make visible in the HTML page a message saying "Access denied" if it is dynamically determined that the user does not have access to that page.


App Studio
WebFOCUS 8.1.05M
Windows, All Outputs
January 22, 2016, 11:37 AM
CoolGuy
That is true. We could do that. Thanks Squatch.


8.2.02M (production), 8.2.02M (test), Windows 10, all outputs.