Lower User Roles not allowed to create higher Role

JTRTech · October 5, 2016, 11:04pm

Made a few edits to that if you have copied already do it again… only layout and comment but worth doing right

GreatShakesBar · October 5, 2016, 11:07pm

someones fishing for 2 million likes lol

Dude, I super super appreciate this. It needs to be made into a tutorial because I’m sure I’m not going to be the only person who needed to stop people creating higher roles!

Much love for this, I cant thank ALL of you enough for your help here.

JTRTech · October 5, 2016, 11:07pm

Not convinced thats 100% the case, while it might not create duplicate it wouldnt return a an error message like making your own verification @GreatShakesBar think it might be worth double checking and maybe adding validation and message to match…

Jesse · October 5, 2016, 11:18pm

I meant it won’t crash it. You will need to create a message flow to tell you it failed.

GreatShakesBar · October 5, 2016, 11:19pm

Ah but then thatll already happen with the Add User bit no?

So like 2 birds with 1 stone

JTRTech · October 5, 2016, 11:21pm

Not 100%, the two are independent and in theory editable separately.

You would want to do and exist entity api with the other validations and add the responce in the if &&…
Expect it will return true or false but never tried.

GreatShakesBar · October 6, 2016, 10:21am

Here is the completed DB import file incase anyone else would like.

USR_AddUsers.zip (1.6 KB)

Don’t forget to change in Scripts both the Role Name and Entity Type (in this case Role Name ‘Employee’ and Entity Type (Staff)

if you don’t need an entity just delete that bit out

Thanks @JTRTech Kendash and Q for your help

QMcKay · October 6, 2016, 6:34pm

Like I said …

I knew you could work it all out though… I went on a boat, swam in the ocean, did some snorkeling, caught 5 Tuna on the way home, then had Sashimi dinner with friends until late in the night, and the power went out on the island. Great time, lots of JD, sun, and fun!

Shivan · October 8, 2016, 8:19am

What is the helper command for that? is it dlg.?

JTRTech · October 8, 2016, 10:37am

dlg.AskQuestion()
Look at the last part of the script, there is already couple in there.

Shivan · October 8, 2016, 11:17am

Ahh thought so. Just confirming thanks

GreatShakesBar · October 8, 2016, 2:10pm

Just adding Validation, how would I cancel if someone pressed Cancel?

dlg.AskQuestion('Add Employee Named: '+usr+' ?','OK,Cancel');

JTRTech · October 8, 2016, 2:26pm

Just a guess…

Make it a var, perhaps the value pressed is passed back. ie;

var addEmployeeAQ = dlg.AskQuestion('Add Employee Named: '+usr+' ?','OK,Cancel');
if ( addEmployeeAQ == 'OK' ) {
  YOUR ADDING EMPLOYEE PARTS
}

Or you could add an else with aborted message;

var addEmployeeAQ = dlg.AskQuestion('Add Employee Named: '+usr+' ?','OK,Cancel');
if ( addEmployeeAQ == 'OK' ) {
  YOUR ADDING EMPLOYEE PARTS
} else {
  dlg.AskQuestion('Adding User '+usr+' Aborted','OK');
}

That is if the ask question button is returned to the var on the first line…

GreatShakesBar · October 8, 2016, 2:27pm

I was just getting there

Let me see how different this is to what ive done

GreatShakesBar · October 8, 2016, 2:31pm

it was almost the same, but ive deleted what I did.

I think its ordered wrong? I don’t get the cancelled message, but says pin or username already in use lol

// run SQL to create the User
q = "INSERT INTO [Users] ([PinCode], [Name], [UserRole_Id]) VALUES ('" + pin + "', '" + usr + "', '"+grp+"')";
var r = sql.ExecSql(q);

// create user entity
api.Entity(usr).Create('Staff');
dlg.AskQuestion('Employee named '+usr+' added.','OK');
   } else {
  dlg.AskQuestion('Adding User '+usr+' Aborted','OK');
}
  } else {
   
dlg.AskQuestion('User or PinCode Already in use.','OK');

  }
}

GreatShakesBar · October 8, 2016, 2:33pm

actually, ill just not have that bit ill just have cancel cancel it off

JTRTech · October 8, 2016, 2:34pm

Hard to follow without whole script,

GreatShakesBar · October 8, 2016, 2:36pm

cant seem to add the } in the right place…

So here goes:

function createUser(u,p) {
  // can get User and Pin fed via function or 
  //use Data.Get to retrieve Program Settings
  var usr = (typeof u === 'undefined' || u=='' ? Data.Get("Username") : u);
  var pin = (typeof p === 'undefined' || p=='' ? Data.Get("PIN") : p);
  var grp = 'Employee';

  var q="SELECT [Id] FROM [UserRoles] WHERE [Name]='" + grp + "'";
  var grp = sql.Query(q).First;

  // more validation
  usr = (typeof usr === 'undefined' ? '' : usr);
  pin = (typeof pin === 'undefined' ? '' : pin);
  grp = (typeof grp === 'undefined' ? '' : grp);
  
  //check for existing user with that name
  var q="SELECT COUNT([Name]) AS [COUNT] FROM [Users] WHERE [Name]='" + usr + "'";
  var nameCount = sql.Query(q).First;

  //ceck for existing user with that pincode
  var q="SELECT COUNT([Name]) AS [COUNT] FROM [Users] WHERE [PinCode]='" + pin + "'";
  var pinCount = sql.Query(q).First;
  var addEmployeeAQ = dlg.AskQuestion('Add Employee Named: '+usr+' ?','OK,Cancel');
  if ( addEmployeeAQ == 'OK' ) {


  if (usr!='' && pin!='' && grp!='' && nameCount==0 && pinCount==0) {

// run SQL to create the User
q = "INSERT INTO [Users] ([PinCode], [Name], [UserRole_Id]) VALUES ('" + pin + "', '" + usr + "', '"+grp+"')";
var r = sql.ExecSql(q);

// create user entity
api.Entity(usr).Create('Staff');
dlg.AskQuestion('Employee named '+usr+' added.','OK');
   } else {
  dlg.AskQuestion('Adding User '+usr+' Aborted','OK');
}
  } else {
   
dlg.AskQuestion('User or PinCode Already in use.','OK');

  }
}

JTRTech · October 8, 2016, 2:43pm

Download notpad++ or something similar, can be helpfull for visually seeing the start/stop of brackets etc.

GreatShakesBar · October 8, 2016, 2:44pm

ah, I have that already

didn’t hink of that