My intention is to hide a particular button/control on a DSP web page so that a user that does not have access to the function behind it never sees the button in the first place (and therefore never gets “access denied” errors). I’ve figured out a possible methodology by writing a flow service called OKTOACCESS that is invoked from the DSP page. It takes the functionName as an input and then would check against some list (the format of which, i would come up with) to determine which ACL has access to the function. Then, i need to determine if the currently logged in user is a member of a given ACL and then return true or false to the DSP page, letting it know to show or hide the button. Any ideas on how to determine if the currently logged in user is a member of a given ACL either in a flow service, or directly in a DSP page?
I’m having a similar requirement; the closest I got was using the java API:
vector = user.membershipNames();
However, since I’m pointing to LDAP, this gives me the LDAP groups that the user is part of, not the ACL names, i.e. Administrator, Developer, etc…
If anybody knows of a different way, please let me know. I didn’t see anything in WmRoot (yes I know it’s not advisable to invoke those services).
wm.server.access:userAclList might be a start for what you need. For the current user it returns all the ACLs to which the user is associated.
Alas, there isn’t a public way to get the execute ACL of a service to which to compare.