Reloading JSP for a specific role's users

Hi all,
We have a web application using JSPs.
Our application has users and roles. A user is associated to a role. These are defined in 2 tables:
create table role
( id int not null primary key,
  name varchar(50) not null )
create table user
( user_name varchar(50) not null primary key,
  user_password varchar(50) not null,
  role_id int not null foreign key references role(id) )
For example:
insert into role values (1, 'HR')
insert into user values ('michaelK', 'password', 1)
insert into role values (2, 'Payroll')
insert into user values ('babarA', 'honest', 2)We have 2 tables where we store all our application's web pages and buttons on each page:
create table web_page
( id int not null primary key,
  name varchar(50) not null )
create table web_page_button
( id int not null primary key,
  name varchar(50) not null,
  web_page_id int not null foreign key references web_page(id) )
For example:
insert into web_page values (1, 'Personal_Info') // "Personal Info" Screen has 2 buttons: update and cancel
insert into web_page_button (25, 'update', 1)
insert into web_page_button (26, 'cancel', 1)We have a requirement that the administrator want the facility to enable/disable buttons on each web page for a specific role. So we have created a table where we define enable flag for each button of a web page w.r.t a Role:
create table role_web_page_button
( id int not null primary key,
  role_id int not null foreign key references role(id),
  web_page_button_id int not null foreign key references web_page_button(id),
  enable_flag int not null )So if the administrator say that for users belonging to "Payroll" role the "Update" button on "Personal Info" Screen will be disabled.
insert into role_web_page_button values (100, 2, 25, 0)The user first go to login.jsp and provide login information. If successful we store his user_name and role_id in the session as an attribute. We then redirect the user to index.jsp. In this jsp we have a header.jsp on top. This JSP remains there on all web pages user visit.
In that JSP we generate one Javascript function getButtonEnableFlags(). This function defines each button's enable flag of each screen for the user's role_id. So when a user of "Payroll" role logins then this is generated:
function getButtonEnableFlags()
  var buttonEnableFlags = new Object();
  buttonEnableFlags["Personal_Info::update"] = "0";
  return buttonEnableFlags;
}We also have a javascript function which tells us the enable flag's value for a button of a screen.
function getButtonEnableFlag(webpageName, buttonName)
  var buttonEnableFlags = getButtonEnableFlags();
  var keyName = webpageName + "::" + buttonName;
  return buttonEnableFlags[keyName];
}Each Web Page after loading calls a common javascript function setupButtons(webpageName). This function receives a webpage name, picks all buttons on the form of that web page, then call getButtonEnableFlag(webpageName, buttonName) to get enable flag for each button and then set it.
This solution is working fast and perfect. The javascript function getButtonEnableFlags() is generated once when user logins so each web page does not have to call the server to figure out enable flag for their buttons.
I have created a maintenance screen for the Administrator which provides the facility to enable/disable buttons on each web page for a specific role. This screen updates the role_web_page_button table.
Problem is if the Administrator makes any changes for a Role how can I reflect that change on the user's of that role which are already login in the system? For example suppose 2 users of "Payroll" role are login in the system and for "Peson_Info" web page the "update" button is disabled. Now administrator changes the "update" button of "Personal_Info" web page to enable for "Payroll" role through the maintenance screen. How can I reload the header.jsp on only those 2 user's computer?
Thanks

I suppose you can use AJAX to change the end-users JSP page that is displayed on his browser as he is vieiwing it.
However, I suggest against changing permissions on a JSP page while the user is using it (I believe most programmers do not do that). If I was an end-user with a JSP page displayed and I suddenly see the 'update' button disapear, I would be very upset.I suggest waiting for the user to close his session (and not simpily navigate to another page within the session, but actually ending the session by either calling up another web site or closing the browser) and when he next logs into the applcation again, the button is gone. If the administrator does take away a permission such as an 'update' button, do you really need to deny permission to everyone right then? I think you can wait for users to log off.
An alternative is to create a batch job that when the admin removes permission, the batch job runs at midnight to actually change the permission in the database. Since few people are logged on at midnight, few people will see the change while they are working.
Another possiblity is when they click the update button, don't do an actual update to the database. Instead, redraw the page with the update button disabled (not removed) and add a note on the JSP page that the administrator has just removed permission for all users to update at this time.

Similar Messages

  • Error for customer specific Authorization check (User Exit)

    Dear Experts,
    I am facing a problem in PM.
    I have created a maintenace plan for calibration via t code IP42 and mentioned the order type PM05. Scheduling is done for the order. I got the order number.
    I have released the order and got the inspection lot number.
    While entering the results recording through t code QE17, the reluts are out of the specified range, i have given the valuation Rejected, immediately system is giving an error message as below:
    "Error for customer specific Authorization check (User Exit)"
    Though there is no user exit activated in the system, this message is coming and not allowing the result recoring for rejection.
    If I'm entering the result recording within the specified range, then valuation is Accepted and its allowing to save.
    I have checked the following user exits:
    QQMA0002: QM: Authorization Check for Entry into Notif. Transaction
    QQMA0026: PM/SM: Auth. check when accessing notification transaction.
    The above 2 User Exits are not active.
    I have also checked a note 429066. But it says incase of any dump for that user exit only its applicable and more over the current version of the system is ECC 6.0 packae 15, where as that note is applicable upto 4.6C.
    Please some one help me on this issue.
    Thanks and Regards,
    Praveen.

    Dear Pete,
    I have cheked with my technical team, There is no hotpacks updated recently. This is the implementaion project I'm in, so performing the cycle for the first time.
    Any how I got it solved, in T code QE17, after entering the Inspection lot in next screen goto menu path Settings - User settings - Defects recording mention the reprt type and tick on Reprt type Changable.
    At the time of result recording if the valuation is Rejected then it ask for defects recording close that window if not rwequired then save, the error message no longer apperaing now.
    Regards,
    Praveen

  • How to get the assignees for a specific role in process in BPM 11g

    Hi, Gurus,
    I am using BPM 11g. I am trying to retrieve all the assignees for a a specific role in process. It will be a parameter for a business rule to do further routing rule. But it seems there is no way to get the information. I found that there are Identity Service Functions in Human Task Assignment. But Identity Service Functions are not listed in Business Rule Activity, neither listed in other activities except Human Task Assignment. I cannot get the assignees in my process.
    Is there any way to get all the assignees for a role? I also tried to retrieve the assignees out engine with Worklist API, but it cannot get either. Actually we can get all the assignees information in automatic activity in OBPM 10g. Maybe I am still not familiar with 11g. Any advice is appreciated.
    FYI:
    My scenario:
    Suppose we have a role named ApprovalTeam. In this role, there will be several different department manager (BPM User) added in the role through Workspace. At run time, a request (With department info) with go through the approval by ApprovalTeam. A Business Rule Activity with decide which department manager will approve this request. Different department request will be dispatched dedicate managers, not all the managers in the role. I have an external JavaBean to get the department information from LDAP. To do the routing, I also need know all the department managers (BPM User) in the ApprovalTeam role. Then I can compare which department manager is matched with the request and assign the task to him.
    Thanks a lot,
    James
    Edited by: James Piao on May 31, 2010 6:25 PM

    or this?
    SQL> select text from ALL_VIEWS
      2  where VIEW_NAME
      3  ='EMP_VIEW';
    TEXT
    SELECT empno,ename FROM EMP
    WHERE empno=10

  • How do I get a list of users for a specific role in EP 6.0

    Hi,
    I'm trying to find a table or an API that I can use to get a list of users for a role that I have created in the portal. There are about 940 users tied to this role that I would like to dump to an excel or text file. My goal is to get these users into a security group and tie the role to the group instead of each user. Thanks!

    Hi Chris,
    first, welcome on SDN!
    UMFactory.getInstance().getRoleFactory(roleID).getUserMembers() returns the users which are members of the role, see http://media.sdn.sap.com/html/submitted_docs/60_sp2_javadocs/ume/com/sap/security/api/IRole.html
    addGroupMember(...) adds a group.
    removeUserMember(...) removes a user from a role.
    Corresponding method exist for the groups.
    Hope it helps
    Detlev
    PS: Please consider rewarding points for helpful answers on SDN. Thanks in advance!
    PPS: Wrong forum, should have been EP DEV for example. It's not a question in conjunction with KM.

  • Is it possible to disable auto reloading, permanently, for one specific URL?

    msnbc.com is supposed to auto-reload its home page every however often, 30 minutes I think. But the reload never stops, probably because of my AdBlock settings for the site. I want to permanently stop msnbc.com from reloading. I've searched thoroughly with many keywords, and though I've found many extensions that will reload pages or set auto-reload intervals, I can't find anything that *stops* auto-reload. I'd appreciate any help.

    Mike,
    Not sure if I completely understand your dilema.  I don't know of any way to pause a FMR, however, I may be able to help with plan B.  I have a widget called Repo Playbar that allows you to reposition the playbar AND show/hide any playbar buttons, including the play/pause button.  Have a look here.
    HTH,
    Jim Leichliter

  • Extract the userID that set a role for a specific user

    Hi all @SAP Forums,
    I'm going to write a simple report to extract some information about users and role assignments in the system I'm working on.
    The requirements is quite simple; for every user in the USR02 table, I have to extract some info about the roles the user has.
    In order to do so, it's quite straightforward to find roles for a particular user looking into the AGR_USERS table, but ... I'd like to know if there's a way to find the user who set the role assignment for that specific user; the problem is that I cannot find that information in any AGR* tables, so I start to think it's not a stored information I can retrieve in any way.
    Any hints/suggests you can give me? Thanks in advance.

    Hello muthu,
    useful link to refer to when I'll need to extract a full username (first and surname) for a userId. But the question, forgive me if I've been not-so clear, was different.
    A (key) user, say A123456, sets a role for another user (A00000) in SRM... let's suppose now A00000 becomes a buyer. I'd like to know if there's a way, starting from the user A00000, to understand WHO had given him his role (in this case, A123456) and WHEN... I can see the CHANGE_DAT field in AGR_USERS about the "when"... where can I (if I can, obviously) find WHO set the role for A00000 ?
    Thanks again, sorry if I've been not that clear in explaining

  • Check if a user has a specific role

    Hello,
    Is it possible to check if a user has a specific role in MII 12.0?
    For example if the user has the role "xmii Developers" I would do something more in a transaction than if the user doesn't have this role.
    Thank you for your help.
    Regards,
    Matthias

    Hi Matthias Pröller ,
    Are u finding difficulty to trace which role user is assigned to? If so, then u can refer Abesh's Blog.
    OR
    If you are writing Transaction to get user list based on Role , then u can do following
    Create XML query.
    Configure above XML Query in Transaction, in links map (XML Query) URL like given below
    "https://Server:Port/XMII/Illuminator?service=admin&Mode=UserList&Content-Type=text/xml&group=XMII Administrators&IllumLoginName=loginId&IllumLoginPassword=pwd"
    Regards,
    Padma
    Edited by: Rao on Mar 31, 2009 11:52 AM

  • Using Role as WF Admin for a specific workflow - Reg

    HI All,
    I am trying to define a WF Admin for a specific workflow. I know we can maintain a USER ID or EXPRESS(WFsyst-agent) or Rule for this in the Version Dependent tab of Basic Data for wflow template.
    But, when i give a Role(Custom R:XXXXXXX role), and do the syntax check, it is giving me the following error and am not able to proceed further.
    "Organizational object 'R:PR044_TRAVEL_MANAGER' not available".
    My guess is the agent that you give here should be an Org. Obj. For ex., when we specify a USER ID, then the Admin for this witem is shown as "ORGUSXXXXX" and similarly when we assign this custom role, may be it is trying to find if this role is an org. obj (which is obviously not) and hence the error.
    Have any of you tried this ROLE option here and can you pl explain me what is wrong with my setting.
    I'd appreciate your quick response as this is very critical for me.
    Thanks in advance.
    venu

    Mike,
    I thought i had solved it. But, when i am trying now with a role "RXXXXXXX" that is 14 char, its not working again.
    Can anybody tell me if there is any limitation on the role name (should start with Y or Z) or char length (14 char or 12..).
    Your immediate response is greatly appreciated.
    ========
    Hey, i just foudn that its the limitation with 12 char ..not Y or Z..and also found this OSS note 860251. It discussed the issue, but not a solution other than choosing a 12 char length for Role name.
    Anybody, any ideas ?
    Thanks in advance,
    venu
    Edited by: Venugopal Jogi on Jul 14, 2008 6:07 PM

  • Hiding Options in Context Menu for Specific Roles

    Hi SDN,
    We have navigation iview assigned to some of the users. There appears context menu and the items in it. We need to remove some of the options like copy, move for the specific users.
    How to achieve this specific requirement of hiding few of the items in context menu of KM Folders and files for specific users or roles?
    Thanks in advance
    Regards,
    Ganesh N

    Hello!
    In Portal KM, set Permissions on folders for this users (Group of users) - Read.
    Other way - you can edit Ui Commands of Layoutset - which is used in iView,then create copy of iView (not delta link) and delete commands you don't want to show, then assigne iView to your specific role
    Best regards, Ivan
    Edited by: Ivan Kalahryu on Dec 16, 2008 10:05 AM

  • Restricting the ATP user for GATP - corrrect roles/authorizations

    Hi:
    If the dialog user that is used for the ATP check (from ECC to GATP) has more authorizations than needed and this is going to be a problem in production. The user can run SCM transactions from the results screen of ECC and this is not desirable.
    Therefore, the ATP user should be a restricted user that has only authorizations for this specific task. If you know what are the exact roles/authorizations to give to the ATP user, could you share them?
    Thanks in advance.
    Satish

    For R/3 please check OSS  Note 447543 - APO: Authorizations too comprehensive/not user-specific.
    "If it is necessary to have different authorization profiles in APO for different R/3 users when calling in APO, the following solution applies:
    Activate the setting in SM59 that is used for the RFC connection CURRENT USER.
    In the APO system, create the respective users and assign authorization profiles. This is necessary in order to achieve the necessary flexibility concerning authorizations in the APO system."
    For APO :
    AuthorizationsObject   C_APO_ATP in APO .
    please chose activity as per  user role.
    01       Create or generate
    02       Change
    03       Display
    04       Print, edit message
    06       Delete
    16       Execute
    39       Check
    Manish
    Edited by: Manish Kumar Rathi on Oct 21, 2008 1:24 PM

  • CUP - UME to restrict for provisioning country specific roles

    Hi All,
    We have a unique requirement during CUP Implementation. We are implementing CUP for a customer and rolling out to various countries.
    With this scenario we have a single stage workflow which routes through the approval procedure of respective countries. Now that we have a problem where if a user selects another country role and by mistake if it gets approved the user might get a wrong role. [We have different naming convention for diff. country roles and each country has separte roles]
    Is there a way to restrict the country specific users to search only for that particular country role in UME or even if he searches other country role it should not allow the provisioning of a different country role  to that particular user.
    Ex: User A belongs to X country. Roles of X country are starting with X1 ... series. Similary Y country roles are starting with Y1..series.
    Is there a way to restrict User A only to serach and select only roles of X1...series and gets restricted for provisioning to X1..series only.
    Thanks and Best Regards,
    Srihari.K

    Hello Sri,
    You can create country specific business processes and assign the role to the Business Process, Functional Area or Company. By selecting the "country" in the configured field, at least only those applicable roles will show for the user.
    In the user form make such a field mandatory.
    Of course the user could select the wrong country in the field, but this will greatly reduce human error.
    -Dylan

  • How to get users' login logout time for user IDs for a specific date?

    Dear All,
    There is a case I being requested to retrieve the Userid, User Name,
    User Group, User Dept, Date, Login Time, Logout Time in a specific date, for example, 21.05.2009.
    How should I retrieve the information? The user want to input specific date and user group then return the details that mentioned above.
    I try with SUIM->Users->By Logon Date and Password Change... but I can't specific the date that I want ...
    I try with SM19 (Security Audit Log), but unfortunately in my system this is not activated.
    I've seek for SAP's advise, and they say need to ask abaper to developr a report in order to get such details....
    Do you guys have any other methods?
    Do you guys know which tables will contain the details as mentioned above?
    Best Regards,
    Ken

    Unfortunately without the audit log, you're going have a hard time finding this information.  As mentioned, ST03N will give you some information.  If your systems daily workload aggregation goes back to the date you require then you'll be able to get a list of all users who logged on that day.  ST03N doesn't keep time stamps just response times.
    My only idea is VERY labor intensive.  If your DB admin can retrieve a save of the database from that day then table USR02 will hold a little more information for you.  It will contain last login times for that day.  If your system backup policy happened to have saved the contents of folder "/usr/sap/<SID>/<instance>/data" then you potentially have access to all the data you require.  The stat file will have recorded every transaction that took place during that day.  If that file is restored you could use program RSSTAT20 to query against it.
    Good luck and turn on the audit log as it makes your life much easier!

  • Draft Documents View is empty for a specific user

    Hi,
    For a specific user, when he goes on the Document Draft Reports, the Sales Document sub-form is empty. Meaning that when he ticks the "Sales Documents" option, the boxes to choose specific Sales Document does not exist (e.g. Sales Quotation, Sales Orders etc.). This happens no matter what are the other options (e.g Open Only or User Option).
    The other lists (Purchasing and Stock) are working properly. Again, all the other users do not experience the same issue as the form is working properly
    The installation is on 2007A SP01
    Any ideas?
    Thanks in advance
    Gerasimos

    Hi Gerasimos.......
    I'm sure this is a Bug in your system. If you have any of the adons then please Disconnect it and also try to create new Super User and give him license and then check with this new user for the same output.......
    Else I'm afraid you need to raise a support ticket to SAP.......
    Regards,
    Rahul

  • How do I setup multiple users to use one source but manage playlists separately?  For example, play counts are specific to each user.

    How do I setup multiple users to use one source but manage playlists separately?  For example, play counts are specific to each user.

    Hi,
    Thank you for posting in Windows Server Forum.
    Here adding to the words of “Tim”, a forwarder is a DNS server on a network used to forward DNS queries for external DNS names to DNS servers outside of that network. You can also forward queries according to specific domain names using conditional forwarders.
    A DNS server on a network is designated as a forwarder by having the other DNS servers in the network forward the queries they cannot resolve locally to that DNS server. You can refer information regarding forwarders and how to configure from beneath link.
    Understanding forwarders
    http://technet.microsoft.com/en-us/library/cc782142(v=ws.10).aspx
    Configure a DNS Server to Use Forwarders
    http://technet.microsoft.com/en-us/library/cc754941.aspx
    Hope it helps!
    Regards.

  • Can we give UNIQUE ACCESS FOR THE SPECIFIC FILE IN THE LIBRARY in SP2013? How can we remove users from SHARED WITH link where files are shared with users?

    Hi,
    Any help on this?
    Thanks
    srabon

    Hi srabon,
    For giving unique access for a specific file in a library, you can go to the library, and select the file , and click FILES->Shared With->ADVANCED, under PERMISSION ribbon, click ‘Stop Inheriting Permissions’, then the file will have unique permissions.
    For removing the shared users for a file, firstly, like the above steps, select the file , and click FILES->Shared With->ADVANCED , make sure the file has unique access, then select the users that you want to remove, and click Remove User Persmissions
    under PERMISSIONS ribbon.
    I hope this helps.
    Thanks,
    Wendy
    Wendy Li
    TechNet Community Support

Maybe you are looking for

  • TDS with CIN details

    Hi gurus, Can anybody forward me the TDS configuration with cin details & rules & regulations of TDS, its quite urgent plz,,,, [email protected]

  • Status update on Sales Opportunity when Quotation is won

    I need to set up an automatic status update for the sales opportunity; when the quotation is set as won, the related sales opportunity is also set as won. I have tried the <Define status profile for user statuses> in IMG, but don't seem to get it rig

  • Problems upgrading camera raw 8.3 to 8.5, upgrade finished  but version 8.3 still shows in Bridge

    problems upgrading camera raw 8.3 to 8.5, upgrade finished  but version 8.3 still shows in Bridge

  • Asm createdisk error in root.sh

    I get the following error in root.sh during RAC install DiskGroup OCR creation failed with the following message: ORA-15018: diskgroup cannot be created ORA-15072: command requires at least 1 regular failure groups, discovered only 0 Configuration of

  • SUNWcdrw - where can I download it

    I have tried everything and am unable to locate this package. I have installed a full distribution of the solaris 8 7/03 OS. I have installed a full distribution of the "Sun Solaris Software Companion CD" I have attempted to install patch "118097-01"