Restrict access to bw_metadata documents in WAD NW04S

Dear All,
We are deploying a new reporting and analysis application on NW04S BI.
In this application we set in a toolbar an access to some help documentation that are stored in KM as bw_metadata documents for the concerned web template (command OPEN_DIALOG_DLG_DOC_BROWSER).
But the problem is that every one is able to create, change and delete these documents !
I would like to restrict the access to these documents only in read for everyone and change for some power users.
In the permissions in KM, i cannot change access on this repository.
Did someone have an idea on how to change these permissions/authorizions ?
Thanks in advance for your suggestions.
Fred.

Fred,
sorry about that did not see the KM part...
help.sap.com still talks about setting up the BI document repository on the portal and not about KM when I did a search for OPEN_DIALOG_DLG_DOC_BROWSER ,
http://help.sap.com/saphelp_nw04s/helpdata/en/43/17348cfa923614e10000000a422035/content.htm
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/0901c9bb-0601-0010-49ab-c1770c527673
The WEB API does not seem to make a distinction betweek KM and the BDS . and not much given on single document..... maybe the single document is worth a try....
Arun
Hope it helps...
P.S BTW is the WEB API for 7.0 documented anywhere ? not able to find the same .. keep running into the 3.x version ....

Similar Messages

Restricted access to confidential documents in DMS

Hello Gurus,
Need your expert guidance on the following requirement.
The requirement is to restrict the access of the document to users like Author, Reviewer and Approver, for all the documents.
I am confused which authorization object will work in my case and what settings I've to maintain for this.
Authorization Object C_DRAW_BGR u2014 Authorization Group
Authorization Object C_DRAW_DOK u2014 Document Access
Authorization Object C_DRAW_TCD u2014 Activities for Documents
Say I am having document types to us those are confidential.
ABC (finance docs)
LMN (Legal docs)
XYZ (design docs)
We want to allow only the users who are having below roles.
DMS_APPROVER
DMS_REVIEWER
For rest of the user we don't want to allow change/display acccess to the above documents.
Please guide me how to proceed, what need to be done.
Regards,
Ganesh

Hello Ravindra/DMS Gurus,
Sorry, but still my requirement is not met.
Actually our business scenario is as below:
Say there is a special document Type APR (Employee appraisal document)
And for 5 different employee created (Authors) the document giving their self-inputs.
Now these employee are assigned to say 3 different Supervisors (Reviewers) and one Manager (Approver)
{Author; Reviewer and Approver are maintained in Additional Data of the document.}
So each document will have a Reviewer and Approver assigned along with the Author.
Our requirement is to restrict the access of these 5 documents to the Employees (Authors), so that none of these employee can view each others document. And allow display/change to respective Supervisor (Reviewer) and Manager (Approver) only.
We need to restrict document access based on the above scenario
After checking, I think using authorization object the above requiremment can not be met. Can we use any user exit?
Your valuable comments are appreciated.
Regards,
Ganesh
Edited by: ganesh sarasvati on Aug 12, 2010 5:35 PM
Edited by: ganesh sarasvati on Aug 12, 2010 5:37 PM

Problem restricting access to additional document directory

Hi,
Plattform: Win2K + iPlanet 6sp6
I'm having a bit of a problem setting restrictions on an addtional document directory (the "manual" directory is a good example).
I have a couple of virtual servers.
I do not want to use .htaccess.
Is it at all possible ?
any pointers ?
Best wishes,
B.L

Is it possible?Yes.
Any pointers?Umm. Use the "Restrict Access" screen to select the directory you want to restrict, and then set the permissions for it.
Without knowing what kind sof problems you're having we can't really make any recommendations.
Are you following the instructions in the Admin Guide?

Sharepoint 2010 restrict access to a document library unless loggin to domain

Have a requirement that has stumped me for awhile. we have a Sharepoint 2010 site that has some document libraries that have to be setup to ONLY allow users that are loggin to the domain to be able to access those libraries.
We are currently using active directory to authenicate user on login. and use active directory security groups for site, page and library access.
Any ideas if this is possible and if so where to start?

the easy answer: nothing built in can do that.
options can include: custom dev (potentially lots of it), "intelligent" app firewalls/proxies... but the practical answer is to either trust users with information, or disable public access (thus SP would *only* be accessible via LAN / VPN routing)
Scott Brickey
MCTS, MCPD, MCITP
www.sbrickey.com
Strategic Data Systems - for all your SharePoint needs

CHARM - Restrict access to other documents

Dear All,
When Change manager approves the CR & assign the developer, mail will trigger to developer & he will starts development, thats ok. If the ticket is not assigned to me and if i tried to open the UC, system should not allow me to open that ticket itself. How can we do this ? If my BP number is not assigned in that ticket, system should not allow me to open the ticket, is this possible ?
regds,
CB

Hello Kallumama
you have two different options to achieve this:
- first one is playing in CRMBS02 with the authorization codes. As a result, people will have access to tickets according to user status of ticket and not according to who the ticket is assigned to
- second one (and maybe better for you) is BAdI crm_order_auth_check. Thanks to MF 'CRM_ORDER_READ' you retrieve who is assigned to your ticket, then thank to a specific MF or to a Z evaluation path you ll have to get the BP assigned to SAP User who is trying to access to ticket; after comparaison if first is different from second then write an error message. That will not authorize User access in change mode to ticket !
Regards,
Khalil

Best way to restrict access to documents (outside of the group or library level)

Hi, we're thinking of implementing SharePoint Server 2013 Standard Edition for our organization. Many of our employees are research scientists working on proprietary information. From the (admittedly little) I understand about SharePoint, if a user wants
to restrict access to a particular document to the 2 or 3 people with whom they're collaborating (and also have it not appear in the search results), they will have to email their power user to request that a new document library be created in which they can
store their documents. Is that correct? In this case, what is the best way to handle item-level permissions? Users absolutely want to have the freedom to restrict access to their documents themselves rather than being forced to go to their power user. Thanks.

Hi,
Per my knowledge, if you want to restrict access to the documents to some users, then you need to have Manage Permissions permission to modify other users’ permission on the documents.
If you do not have the Manage Permissions permission, I recommend to ask the site administrator to create a workflow as below to remove the corresponding users’ permission on the documents which you uploaded. You can start the workflow on the document you
upload and then the permission of the users set on the workflow will be removed from the document.
Best regards.
Thanks
Victoria Xia
TechNet Community Support

Restricted access to attachments in SRM 7.0 web applications

Hi,
We have a very specific problem regarding the handling of attachments with SRM 7.0 web applications. The system is configured to use ArchiveLink for storing documents on a remote content server, which is working fine.
Now we have a requirement which should restrict access to certain documents to specific user groups. As an example you could say that a Purchase order has (besides others) two documents attached, e.g.
- signed contract
- meeting minutes
The contract should only be visible to a limited number of people, whereas the Meeting Minutes are accessible to everybody.
Our problem is that apparently only one Content Category ("BBPFILESYS") is used by the SRM web applications for an upload. When granting authorizations on this content category, we cannot distinguish between contracts and meeting minutes anymore.
Comparing this with the config in ECC we can freely define document types which can be used in AUTH profiles. Is there any similar solution that can be used in SRM 7.0?
Any help would be greatly appreciated.
Cheers,
Mark

Hello,
Have a look at note 1334202. It provides some inputs.
Regards,
Ricardo

How to restrict read access to certain document in stellent content server

Hi,
We are using stellent content server to store project documents. We would like to restrict access to certain confidential documents.
Users with Read / Write permission should not be able to access but admins with RWDA permission should be able to access these confidential documents.
Appreciate your inputs on this.
Thanks,
Nayana

Without seeing your setup and environment its a bit hard..
But...
Make sure that user has read only access to public security group.
You could setup an addition role with readOnly access and apply it those users.
Or restrict there account to have Read only access.
Remember if the user has Admin access on the Account but only readonly access on the security group then they will only have read only access on the files and visa versa.. :)
J.
Message was edited by:
JRS

Restrict access to bid invitation cFolder documents

SRM Experts,
I have a requirement to restrict access to bid invitation cFolder documents.
Here is the scenario:
Buyer1 creates a bid invitation and a cFolder. We do not want any other buyers within our organization to access this bid invitation cFolder.
How can this be achived?
At this time, if a buyer (ex: Buyer2) has access to create a bid invitation or view a bid invitation, the system is automatically gives Buyer2 access to cFolder created by Buyer1.
This needs to be restricted, any advice would be appreciated.
Note: BADI BAdI BBP_CFOLDER_BADI is already deactivated in the system
Please let me know if you have any ideas.
Thanks

Hi,
You can restrict the access through Product categories in the PPOMA_BBP for each user .
So that he can create Bid invitation only to that product category..
please check this link
you can find the customization guide for Cfolders on
https://websmp202.sap-ag.de/~form/sapnet?_FRAME=CONTAINER&_OBJECT=011000358700007402242002E
Please check with SAP PLM consultant . You can controlled through Authorisation role
This is the role used :User
- Role name: SAP_CFX_USER
Better check with the above link
Regards
G.Ganesh Kumar

Access to appraisal document via ESS is restricted by status

Our requirement is for the appraisee to record their objectives (via ESS) and then select a 'To Manager' pushbutton to send a workflow to the manager requesting them to approve the objectives. The problem is that once the workflow has gone to the manager the appraisee cannot access the appraisal document until the manager has approved the objectives and the appraisal status has changed from 'In Planning' to 'In Process'. How can the appraiser view the appraisal document (via ESS) whilst it has the status In Planning?
We also have a similar issue later in the process. When the appraisee selects the <Close Part Appraisal> pushbutton to signify that they have completed their self appraisal the appraisal document has status In Process. The appraisee cannot access the appraisal (via ESS) until the appraiser also completes their part appraisal and sets the status to Completed. Is there a setting to allow the appraisee to have read access to the document during this part of the process?
Thanks and regards,
Janet

Hi again Maurice.
Once the appraisal status has been set to 'Completed' the appraisee needs to Accept or Reject the appraisal but the appraisal now appears as display only (both in ESS and ECC). We are using BSP documents_received.htm for ESS
The 'Accept' and 'Reject' pushbuttons are not active in ESS
The 'Accept' and 'Reject' pushbuttons are active in ECC and update the appraisal status as required. However if the appraisal is rejected and the status is set back to 'In Process' the appraisal document is still display only.
Any ideas?

Restrict Access To Page Not Working with Different Auth Levels

I have just started playing with the idea of using different auth levels to allow different users access to certain pages on my site.
Within my SQL database I have a authlevel table consisting of 3 possible levels (guest, user, admin)
I am using the Dreamweaver "Log in user" to log in users based on username, pass, and auth level and "Restrict access to page" set to allow user levels 'user' and 'admin'.
The problem, however, occurs when trying to log in. No matter what auth level I try I am redirected to my page where users should be redirected if they are not allowed to enter that page.
I have included below my code from my login page and the page where all authorized users (user and admin) should be directed upon entering the restricted area.
Login Page:
<?php require_once('../Connections/hondovfd.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
return $theValue;
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "authlevel";
$MM_redirectLoginSuccess = "/membersonly/membersonly.php";
$MM_redirectLoginFailed = "/membersonly/loginfailed.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_hondovfd, $hondovfd);
$LoginRS__query=sprintf("SELECT username, password, authlevel FROM login WHERE username=%s AND password=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
$LoginRS = mysql_query($LoginRS__query, $hondovfd) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
    $loginStrGroup = mysql_result($LoginRS,0,'authlevel');
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;
    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
    header("Location: " . $MM_redirectLoginSuccess );
else {
    header("Location: ". $MM_redirectLoginFailed );
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<title>Log In</title>

<meta name="description" content="Hondo Fire and Rescue serves the Arroyo Hondo and Canada Village areas of Santa Fe County, NM." />
<meta name="keywords" content="hondo, hondo fire, hondo vfd, hondo fire department, santa fe county fire department, santa fe county, volunteer fire department, hondo volunteer fire department" />
<link href="../stylesheet.css" type="text/css" rel="stylesheet" />

<script src="../SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<link href="../SpryAssets/SpryMenuBarVertical.css" rel="stylesheet" type="text/css" />
</head>
<body class="thrColLiqHdr">
<div id="container">
<div id="header"></div>
<div id="sidebar1">
<h3>Navigation : </h3>
<ul id="MenuBar1" class="MenuBarVertical">
<li><a href="/index.php">Home</a></li>
<li><a href="/support.php">Support Hondo</a></li>
<li><a class="MenuBarItemSubmenu" href="#">Information Menu</a>
    <ul>
      <li><a href="/people.php">Our People</a></li>
      <li><a href="http://www.google.com/maps/ms?ie=UTF8&hl=en&msa=0&msid=101620713606637979698.00045b6ead4ab4ea70b78&z=11" target="_blank">Response Area</a></li>
      <li><a href="/medical.php">Medical</a></li>
      <li><a href="/apparatus.php">Apparatus</a></li>
      <li><a href="/training.php">Training</a></li>
      <li><a href="/volunteer.php">Volunteer</a></li>
      <li><a href="/statistics.php">Statistics</a></li>
      <li><a href="/patchtrading.php">Patch Trading</a></li>
    </ul>
</li>
<li><a href="/album.php">Photo Gallery</a></li>
<li><a href="/calendar.php">Calendar</a></li>
<li><a href="/news.php">Blog/News</a></li>
<li><a href="/links.php">Links</a></li>
<li><a href="/contact.php">Contact Us</a></li>
</ul>
<br />
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<span class="lefttext">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="8567201">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!" />
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</img></input></input>
</span>
</form>
<span class="lefttext"><br />
</span>
<center>
<span class="lefttext"><a href="http://www.facebook.com/pages/Santa-Fe-NM/Hondo-Volunteer-Fire-Department/74284233488" target="_blank" class="lefttext">Hondo VFD on Facebook</a></span>
</center>
</div>
<div id="sidebar2">
    <p><a href="/membersonly/login.php">Log In</a> | <a href="/membersonly/logout.php">Log Out</a></p>
    <p>Call Statistics for <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/month.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?> as of <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/date.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></p>
<table width="90%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td width="60%">EMS Calls</td>
    <td width="40%"><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/emscalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
<tr>
    <td>Fire Calls</td>
    <td><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/firecalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
</table>
<hr />
    <div id="cse" style="width:100%;">Loading</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
<script type="text/javascript">
google.load('search', '1');
google.setOnLoadCallback(function(){
    new google.search.CustomSearchControl().draw('cse');
}, true);
</script>
     
</div>

<div id="mainContent">
<div class="top"></div><div class="wrap">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td height="47" class="h2">Members Only Login</td>
</tr>
<tr>
    <td><form ACTION="<?php echo $loginFormAction; ?>" id="login" name="login" method="POST">
    <table width="40%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td width="31%">Username:</td>
    <td width="69%"><input name="username" type="text" /></td>
</tr>
<tr>
    <td>Password</td>
    <td><input name="password" type="password" /></td>
</tr>
</table>
<input name="Submit" type="submit" />
    </form></td>
</tr>
</table>

</div>
<div class="bottom"></div>
</div>
      <br class="clearfloat" />
<div id="footer">
    <p align="center">© Copyright 2009 Hondo Volunteer Fire Department | <a href="mailto:[email protected]">Contact Us</a><a href="http://www.legalhelpers.com/chapter-13-bankruptcy/chapter13.html"></a><br />Hosting provided by <a href="http://studiox.com/" target="_blank">Studio X</a></p>
</div>
</div>
<script type="text/javascript">

</script>
<?php include_once("/var/home/hondovfd/hondovfd.org/www/analyticstracking.php"); ?>
</body>
</html>
Other Page:
<?php
if (!isset($_SESSION)) {
session_start();
$MM_authorizedUsers = "user,admin";
$MM_donotCheckaccess = "false";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
    // Parse the strings into arrays.
    $arrUsers = Explode(",", $strUsers);
    $arrGroups = Explode(",", $strGroups);
    if (in_array($UserName, $arrUsers)) {
      $isValid = true;
    // Or, you may restrict access to only certain users based on their username.
    if (in_array($UserGroup, $arrGroups)) {
      $isValid = true;
    if (($strUsers == "") && false) {
      $isValid = true;
return $isValid;
$MM_restrictGoTo = "/membersonly/loginfailed.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<title>Members Only Area</title>

<meta name="description" content="Hondo Fire and Rescue serves the Arroyo Hondo and Canada Village areas of Santa Fe County, NM." />
<meta name="keywords" content="hondo, hondo fire, hondo vfd, hondo fire department, santa fe county fire department, santa fe county, volunteer fire department, hondo volunteer fire department" />
<link href="../stylesheet.css" type="text/css" rel="stylesheet" />

<script src="../SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<link href="../SpryAssets/SpryMenuBarVertical.css" rel="stylesheet" type="text/css" />
</head>
<body class="thrColLiqHdr">
<div id="container">
<div id="header"></div>
<div id="sidebar1">
<h3>Navigation : </h3>
<ul id="MenuBar1" class="MenuBarVertical">
<li><a href="/index.php">Home</a></li>
<li><a href="/support.php">Support Hondo</a></li>
<li><a class="MenuBarItemSubmenu" href="#">Information Menu</a>
    <ul>
      <li><a href="/people.php">Our People</a></li>
      <li><a href="http://www.google.com/maps/ms?ie=UTF8&hl=en&msa=0&msid=101620713606637979698.00045b6ead4ab4ea70b78&z=11" target="_blank">Response Area</a></li>
      <li><a href="/medical.php">Medical</a></li>
      <li><a href="/apparatus.php">Apparatus</a></li>
      <li><a href="/training.php">Training</a></li>
      <li><a href="/volunteer.php">Volunteer</a></li>
      <li><a href="/statistics.php">Statistics</a></li>
      <li><a href="/patchtrading.php">Patch Trading</a></li>
    </ul>
</li>
<li><a href="/album.php">Photo Gallery</a></li>
<li><a href="/calendar.php">Calendar</a></li>
<li><a href="/news.php">Blog/News</a></li>
<li><a href="/links.php">Links</a></li>
<li><a href="/contact.php">Contact Us</a></li>
</ul>
<br />
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<span class="lefttext">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="8567201">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!" />
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</img></input></input>
</span>
</form>
<span class="lefttext"><br />
</span>
<center>
<span class="lefttext"><a href="http://www.facebook.com/pages/Santa-Fe-NM/Hondo-Volunteer-Fire-Department/74284233488" target="_blank" class="lefttext">Hondo VFD on Facebook</a></span>
</center>
</div>
<div id="sidebar2">
    <p><a href="/membersonly/login.php">Log In</a> | <a href="/membersonly/logout.php">Log Out</a></p>
    <p>Call Statistics for <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/month.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?> as of <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/date.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></p>
<table width="90%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td width="60%">EMS Calls</td>
    <td width="40%"><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/emscalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
<tr>
    <td>Fire Calls</td>
    <td><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/firecalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
</table>
<hr />
    <div id="cse" style="width:100%;">Loading</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
<script type="text/javascript">
google.load('search', '1');
google.setOnLoadCallback(function(){
    new google.search.CustomSearchControl().draw('cse');
}, true);
</script>
     
</div>

<div id="mainContent">
<div class="top"></div><div class="wrap">
    <table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td height="47" class="h2">Members Only Area</td>
</tr>
<tr>
    <td><p><a href="/membersonly/documents.php">Useful Documents</a></p>
      <p><a href="/membersonly/IncidentCount01_08.pdf">Current Call Statistics</a> as of 9/3/09</p>
      </td>
</tr>
</table>
<script type="text/javascript">

</script>
</div>
<div class="bottom"></div>
</div>
      <br class="clearfloat" />
<div id="footer">
    <p align="center">© Copyright 2009 Hondo Volunteer Fire Department | <a href="mailto:[email protected]">Contact Us</a><a href="http://www.legalhelpers.com/chapter-13-bankruptcy/chapter13.html"></a><br />Hosting provided by <a href="http://studiox.com/" target="_blank">Studio X</a></p>
</div>
</div>
<script type="text/javascript">

</script>
<?php include_once("/var/home/hondovfd/hondovfd.org/www/analyticstracking.php"); ?>
</body>
</html>

you don't need all that bloat. set a session during login of some kind of uniquely identifying id. i.e.
$_SESSION['id'] = $row_rs['id'];
then on the pages you need to protect, check it like this....
<?php
session_start();
if (!(isset($_SESSION['id']) && $_SESSION['id'] != '')) {
die(header("Location: http://www.notinprotectedareas.com")); }
?>
you can use an include file i.e.
<?php require_once('login_check.php'); ?>
where file is name login_check.php to make your auth controls clean on your protected pages.

How to restrict update to a document in state release to the contribution g

How to restrict update to a document in state release to the contribution group.
Hi I’m working with UCM 10g and I want to know if it is possible to restrict the update over a document that is on state release for the group of users that made the check in of the document ?
thanks

Yes, it is, but IMHO in a rather complicated way:
- you could change the security settings (security group, or more likely, accounts) during the life cycle, or
- you could implement collaboration management, and change security settings via ACLs
Alternatively, depending on what you mean by "updating" documents you could also:
- check-out the document by a system account (if you want to prevent your users to check-in a new version)
- modify the GUI so that Update (metadata) action is not available to users (in theory, they could still access it via a direct service call) by a custom component
- introduce a Java event filter (enhancing the UPDATE service) where you will implement whatever logic you want
I would probably opt for the last options as it seems to me to be the cleanest solution (but yes, it requires some coding).

Restrict access to users in customer line item display FBL5N

Hi all,
We got a requirement from my client that, they want to restrict access of their users to view details of few customers only. The user has a right to view FBL5N transaction code, but he cannot view all customers details.
we created 4 customer account groups,we created like .. SD customers1
                             SD customers2
                             Onetime customers
                             FI customers
These FI customers cannot be viewed by all users except who has authorization in Tcode FBL5N, we need to restrict to display only SD and one time customers details.
we have tried with Basis but its not working and its blocking to view all customers.
anyone got this kind of requirement , Is it possible to restrict....please help me.
Thanks
Nagesh
Edited by: nag on Dec 27, 2011 5:26 PM

It is standard behaviour that the authorization object F_KNA1_GRP(account group authroization) is not checked
in the transacion FBL5N. You can confirm this functionality in trans. SE24.
As a workaround, I would suggest you to use the authorization object F_KNA1_BED Customer: Account Authorization
If you assign an authorization group as the accouting group, perhaps you can get a similar functionality.
Please note that for the 'drill-down' or direct call of FBL5N these objects are checked:
F_BKPF_BLA Accounting Document: Authorization for Document Types
F_BKPF_BUK Accounting Document: Authorization for Company Codes
F_BKPF_GSB Accounting Document: Authorization for Business Areas
F_BKPF_KOA Accounting Document: Authorization for Account Types
F_BKPF_BED Accounting Document: Account Authorization for Customers
F_KNA1_BED Customer: Account Authorization
F_KNA1_BUK Customer: Authorization for Company Codes
Kind Regards
Soumya

Problems to restrict access to a page when the user belong to more than 1 group

I have realized that Dreamweaver on a coldfusion document only works fine when the user only belongs to a single group, this is because the code supplied by dreamweave when you use the option "Restrict access to a page" at "Server behaviors" it assumes that the user only have one group as you can see on this line created automaticly by dreamweaver:
<cfif MM_Username EQ "" OR MM_UserAuthorization EQ "" OR ListFind("admin",MM_UserAuthorization) EQ 0>
MM_UserAutorization has the value of the field assigned for the list of groups or levels, as you can see it could work if we reverse the parameters of the listfind function but the problem would be if we grant the access to more than one group because the sentence would be like this:
<cfif MM_Username EQ "" OR MM_UserAuthorization EQ "" OR ListFind("Admin,Manager",MM_UserAuthorization) EQ 0>
so both paramethers are lists therefore no user will get access to the page.
I am trying to make a work around to fix this problem but I don't know how to get the name of the page since the Application.cfc so I can validate the access to this page against tables on my database.
Does someone have a work around or a tip how to fix this problem?
Thanks in advance.
AG

Seems like you have a problem with your group names.ctxLdap.modifyAttributes(groupName,member);Ensure that the value of your variable groupName is a a valid distinguished name.
Note that an OU (organizationalUnit) is not a group. You do not add users to OU's, you create users in OU's.

Problem with Restrict Access to Page with access level using ASP

I'm using Dreamweaver CS3 with ASP-VBScript and an Access
database. The pages were created from scratch for this project,
using those tools all the way through.
I've created a login page, an admin homepage, and add, edit,
and list records pages for three tables. The login page uses the
Server Behavior "Log in User", all other pages use the Server
Behavior "Restrict Access to Page". All of these are based on an
Access Level.
Login seems to work correctly, and redirects to the admin
homepage. From the admin homepage, I can open any other page as
expected, and they initially display correctly. On the add and edit
pages, however,
submitting the form often results in getting logged out, but
not always.
Once this happens, I can log back in, but other problems will
sometimes occur during that second login session. Sometimes,
logouts will occur on pages that worked fine during the first login
session. Sometimes, another session variable that I've setup
manually will change when it shouldn't...as if there were two
values stored for my session variable, and reloading the page
changes to the other value.
This
post seems closest to my experience, but it doesn't look like
there was really an answer beyond "I had to fight with it for a bit
to get it to work":
I suspected that there is some problem with session settings
on the server. We have an almost identical tool on the same server
that was developed with an older version of DW that works more
reliably; it sometimes has problems with the initial login, but
never has a problem after that.
Has anyone experienced problems like this? Any suggestions
for what to check? I'm really pulling my hair out since it's so
unreliable...the kind of problem that goes away when you try to
show someone and comes back when they leave.

Hello,
I was thinking that all I would need would be the username, although username and paswsword would be more secure. There are about 50 users and no groups or levels. They are all equal ... same level.
The website is private and there is a general content area for all users and then there will be private areas for each user where proprietary documents will be held. I need to be able to ensure that user 'A' can only see the user 'A' pages, user 'B' can only see user 'B', etc.
I don't really understand what the Dreamweaver script is doing, but the overview sounded like it was the right tool to accomplish what I'm trying to do.
Any assistance greatly appreciated.
thanks.

Restrict access to bw_metadata documents in WAD NW04S

Similar Messages

Maybe you are looking for