Martin Yergeau Posted March 2, 2021 Share Posted March 2, 2021 Does having master and BV in two separate app folders and assigning proper security on each can solve this Link to comment Share on other sites More sharing options...
David Beagan Posted March 2, 2021 Share Posted March 2, 2021 Yea MartinY, good idea. I did an experiment, I put the component master in a folder not on the APP PATH and the business view in a folder on the APP PATH. It didnt work until I coded the business view to explicitly reference the app folder and master: CRFILE=app/file.mas The BV works in Designer and does not show the app folder with the master to the Designer developers. Not sure how well the synonym GUI tool(s) support this. Also, I seem to remember an optional security setting that prohibits users from accessing non-app path files which would seem to invalidate this solution. Link to comment Share on other sites More sharing options...
Warren Hinchliffe Posted March 2, 2021 Author Share Posted March 2, 2021 That is what I am attempting to do, but with no luck Link to comment Share on other sites More sharing options...
Warren Hinchliffe Posted March 2, 2021 Author Share Posted March 2, 2021 I had tried something like this, but will investigate. Its frustrating that this simple thing is effectively holding us up. Link to comment Share on other sites More sharing options...
Warren Hinchliffe Posted March 2, 2021 Author Share Posted March 2, 2021 Also, being Multi tenant makes this so much more complicated Link to comment Share on other sites More sharing options...
Warren Hinchliffe Posted March 2, 2021 Author Share Posted March 2, 2021 Sorry for the long title. We have a situation where we have a multi tenant setup (separate and secure master files for each tenant), but we want to keep those masters invisible to the users when we open up designer and only make their Business Views visible. Any Suggestions Security has been implemented as per Configuring Security Templates for Multi-Tenant Environments, but this allows access to all masters including business views. I have tried creating a separate template, but it seems to be ignored (assuming only one per user is possible) Link to comment Share on other sites More sharing options...
Brian Baird Posted March 3, 2021 Share Posted March 3, 2021 Did you consider setting up a security role to restrict access to the files Or is it only specific masterfiles that you would like to hide In my configuration we are using the WFRS to authenticate the user. This means we can use Active Directory groups to apply specific permissions to the App folders. This is how I restrict access to certain masterfiles. 2.png1316371 23.4 KB Link to comment Share on other sites More sharing options...
David Beagan Posted March 3, 2021 Share Posted March 3, 2021 One other thought, you can take advantage of special characters in metadata file names. I created a gg^sales.mas and .foc. I was able to TABLE FILE gg^sales PRINT * END and see output. Then when I went into Designer I didnt see gg^sales. I assume that if you built a business view off of masters it could work. Link to comment Share on other sites More sharing options...
Warren Hinchliffe Posted March 3, 2021 Author Share Posted March 3, 2021 Thanks Brian, Will investigate Link to comment Share on other sites More sharing options...
Warren Hinchliffe Posted March 3, 2021 Author Share Posted March 3, 2021 Ill take a look and see, but what would, I think, require us to changes all out fexes on the current masters. Link to comment Share on other sites More sharing options...
Manoj Chaurasia Posted March 10, 2021 Share Posted March 10, 2021 Waz I have 8.2.07.25 and I set up a multi-tenant domain with a separate app folder called tenant1. I copied a business view with crfile references to the real master files in a different app folder into the tenant1 folder. That is the only folder in the app path for that tenant and everything worked great for me. I could not find the doc Configuring Security Templates for Multi-Tenant Environments in the security and administration manual or the best practices manual so I am not sure what that had you do. Link to comment Share on other sites More sharing options...
Warren Hinchliffe Posted March 14, 2021 Author Share Posted March 14, 2021 This document describes the multi-tenant setup. https://webfocusinfocenter.informationbuilders.com/wfappent/TL3s/TL_srv_server/source/h2_Config_Server_Multi_Tenant_Deploy.htm Note: I have a response from TechSupport, will be checking it out today. Link to comment Share on other sites More sharing options...
Warren Hinchliffe Posted March 19, 2021 Author Share Posted March 19, 2021 I have got a solution from TechSupport. Simply it involves turning list off for the tenants masters /customer/tenant but turning on list for the business views /customer/tenant/busviews, this is done via the template setup under access control and setting the privileges against the Model Group and a new sub directory (busviews) under the Model Group. Model Group has Read and Execute only, no List privilege. Model Group/busviews has Read, Execute and List privileges So when a user tries to access the masters they get an empty tenant directory but get the list of business views under the busviews sub directory. The final step, due to navigation through many levels (customer/tenant/busviews), it was suggested to add an APP MAP to the location so a new app directory of busviews is created. As our environment uses Security Center Groups for tenants the APP MAP was simple. Effectively APP MAP busviews &APPROOT|/customer/&FOCSECGROUP|/busviews. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now