Letting a user see only the data they should.
Letting a user see only the data they should.
- Subject: Letting a user see only the data they should.
- From: Justin Tocci <email@hidden>
- Date: Tue, 4 May 2004 12:30:36 -0500
Help!
I am putting together a website which requires a login. Once the user
logs in, they have access to the YOUR ORDER STATUS page. I have a
display group connected to a fetchspec on this page, which I am trying
to use this qualifier on:
(USERNAME = $session.usersname)
Filtering the USERNAME column of the table on the users login name
tells the database to only give up orders for that user.
But it is not working. From one of the books I've got, it talks about
"doing things the WebObjects Way" and indicates you can't access the
session from an Enterprise Object, and that you are headed for a
redesign that causes the EO to get the data from the session. My
problem with that is way to much data. There are six pages already
which could show hundreds of records each. I don't think I want to
store that much stuff in the session. Also, they may only go to one
page, now I've fetched everything and they won't even use it.
If I am going to do a redesign, can someone please tell me what the
best practice is? I have way to many users to make fetchspecs for all
of them, and the list grows. I really want to have one component that
everyone uses, but limit the data to what they are allowed to see, but
I am open to an equally elegant solution that gives me the
functionality I need.
justin tocci
fort wayne, in
_______________________________________________
webobjects-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/webobjects-dev
Do not post admin requests to the list. They will be ignored.