index | search | no replies | posting guidelines | help login | register
Index » Products » ASP Report Wizard v2
search this forum:
:: restrict data based on session ID :: (4)Post a New Message | Post a Reply
May 24 2004, 6:53 AM
 restrict data based on session IDPost a Reply
 saz95

View this author's profile Send this author a private message

since: Nov 1, 2003
from: somewhere

I try to restrict data only for users from the respective department. I've succesfully control it from the report level but the user can still see records from other department. Normally, I would control this from the SQL using the WHERE statement for e.g.

"SELECT * FROM tblData WHERE Department = '" & Session("Department") & "'"

This is my default.asp file where I restrict users to see reports only from their respective department.

<%
Dim objWiz, intUserLevel
Set objWiz = Server.CreateObject("AspWebSolution.ReportWizard2")  
  
  Const ADMIN = -1
  Const SUPERUSER = 1
  Const GUEST = 2

  Select  Case Session("Department")
      Case "IT": strReports = "IT"
      Case "Admin": strReports = "ADMIN"
      Case "Finance": strReports = "FINANCE"
   End  Select
  
'remove all admin capability
objWiz.IsAdmin =  False
  
'set the report groups to display
objWiz.UseReports = strReports

intUserLevel =  CInt(Session("UserLevel"))
      
  SELECT CASE intUserLevel
    CASE ADMIN
        objWiz.IsAdmin =  True
        objWiz.UseReports = ""
    CASE SUPERUSER
        objWiz.IsAdmin =  True
        objWiz.UseReports = strReports
   CASE GUEST
       objWiz.IsAdmin =  False
        objWiz.UseReports = strReports
  END SELECT


May 24 2004, 9:19 AM
 Re: restrict data based on session IDPost a Reply
 whichman

View this author's profile Send this author a private message Visit author's homepage

from: Laurel, MD

Always remember that Select Case statements are case sensitive and also always set a department/reports for empty Sessions (just in case)
Try this:


  Select  Case  UCase(Session("Department"))
     Case "IT": strReports = "IT"
     Case "ADMIN": strReports = "Admin"
     Case "FINANCE": strReports = "Finance"
     Case  Else : strReports = "Test"
  End  Select  
  


Let me know if this information helps.




-------------------------
Master of the Game
May 30 2004, 6:20 AM
 Re: restrict data based on session IDPost a Reply
 saz95

View this author's profile Send this author a private message

since: Nov 1, 2003
from: somewhere

Can I use the select case dynamically from a database rather than I have to hardcode it...

Thanks

May 30 2004, 6:43 AM
 Re: restrict data based on session IDPost a Reply
 whichman

View this author's profile Send this author a private message Visit author's homepage

from: Laurel, MD

If your report group IDs matches the your departments then  you can use the following ling:

'set the report groups to display
objWiz.UseReports =  UCase(Session("Department"))  



-------------------------
Master of the Game
Pages: (1)   [1]

search this forum: