The menu that is displayed changes according to the account's authorization. In Wagby, only permitted menus are displayed.
When logging on as a system administrator, all the menus, including "Management processing", are displayed.
I prepared a general user account. Since it is not a system administrator, some tabs, including the "Management processing" tab, are hidden.
I also prepared an account called a business administrator. Several menus (functions) are additionally displayed.
Even if you log on with an unauthorized account and enter a URL that manipulates an unauthorized function directly in the address bar, it is treated as a privilege error.
Prepare a new principal. The principal name and principal ID are optional. (The principal ID is alphanumeric.)
For menu control, set which permission to enable.
|Permission||Description||Relationship with the menu||Internal notation|
|Browsing||Controls access to the detail display screen.||None. No menu is provided for the detail display screen.||select|
|Search||Controls access to search/list display and sub-window search.||Set separately by the "Menu" permission. (Described later)||showlist|
|Update||Controls access to the update screen.||None. No menu is provided for the update screen.||update|
|Registration||Controls access to the registration screen.||Yes. For accounts that do not have this permission, the menu for the registration screen is not provided.||insert|
|Delete||Controls access to the delete function.||None. No menu is provided for the delete function.||delete|
|Download||Controls access to the CSV/Excel download screen.||Yes. For accounts that do not have this permission, the menu for the download screen is not provided.||download|
|Upload||Controls access to the CSV/Excel upload update screen.||Yes. For accounts that do not have this permission, the menu for the upload update screen is not provided.||upload|
|Menu||Refers to the search/list display screen.||Yes. For accounts that do not have this permission, the menu for the search/list display screen is not provided.||menu|
|List update||Controls access to the list maintenance screen.||Yes. For accounts that do not have this permission, the menu for the list maintenance screen is not provided.||uploadupdate|
|Form output||Controls access to the form output screen.||Yes. For accounts that do not have this permission, the menu for the form output screen is not provided.||reportlist|
When using an external database, please import data as described in "What to do when adding a principal".
Figure 5 shows an example of creating an account "business administrator".
Here, we specify two principals, "general user" and "business administrator". The permissions that this account has are then the union of all permissions associated with each principal.
If an unauthorized user enters a URL directly into the address bar to perform an operation on an unauthorized model, an error screen as shown in Figure 6 is displayed.
In addition, the following record remains in the log file (wagbyapp/logs/system.log).
20xx-xx-xx 00:00:00 [INFO jp.jasminesoft.jfc.controller.BaseController checkPermission] (user1) JFC-00108: Security error. The authority is [JFCAppPermission [JFCBasePermission Name: juser Actionlist: insert]].
The log level is INFO, not ERROR. Detecting a security error is treated as normal processing. To find these events, search for the log code "JFC-00108".
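The search described above can be scripted. The following is an added example, not part of Wagby or its documentation: it matches lines by the log code JFC-00108 rather than by log level, extracts the account, model and action, and lists accounts with repeated denials. The regular expression is modelled on the single sample line shown above; the sample log lines, the function names and the threshold are assumptions made for illustration.

```python
import re
from collections import Counter

# Matches on the log code, not the level: these events are written at INFO,
# so a filter for ERROR lines would never see them.
# Layout assumed from the one sample line on this page.
DENIED = re.compile(
    r"^(?P<ts>\S+ \S+) \[(?P<level>\w+) (?P<cls>\S+) (?P<method>\w+)\] "
    r"\((?P<user>[^)]*)\) JFC-00108: .*?"
    r"Name: (?P<model>\S+) Actionlist: (?P<actions>[^\]]+)\]\]"
)

# Constructed sample lines (not taken from a real system).
SAMPLE_LOG = """\
2024-05-01 09:12:03 [INFO jp.jasminesoft.jfc.controller.BaseController checkPermission] (user1) JFC-00108: Security error. The authority is [JFCAppPermission [JFCBasePermission Name: juser Actionlist: insert]].
2024-05-01 09:12:10 [INFO example.Other run] (user1) Constructed unrelated message.
2024-05-01 09:12:41 [INFO jp.jasminesoft.jfc.controller.BaseController checkPermission] (user1) JFC-00108: Security error. The authority is [JFCAppPermission [JFCBasePermission Name: juser Actionlist: delete]].
2024-05-01 09:13:05 [INFO jp.jasminesoft.jfc.controller.BaseController checkPermission] (user2) JFC-00108: Security error. The authority is [JFCAppPermission [JFCBasePermission Name: juser Actionlist: update]].
2024-05-01 09:13:30 [INFO jp.jasminesoft.jfc.controller.BaseController checkPermission] (user1) JFC-00108: Security error. The authority is [JFCAppPermission [JFCBasePermission Name: juser Actionlist: insert]].
"""


def parse_denials(text):
    """Return one dict per JFC-00108 line; all other lines are ignored."""
    events = []
    for line in text.splitlines():
        m = DENIED.match(line)
        if not m:
            continue
        ev = m.groupdict()
        # Assumption: if several actions are listed, they are comma-separated.
        ev["actions"] = [a.strip() for a in ev["actions"].split(",")]
        events.append(ev)
    return events


def users_over_threshold(events, threshold=3):
    """Accounts with at least `threshold` denied requests, sorted by name."""
    counts = Counter(ev["user"] for ev in events)
    return sorted(u for u, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    denials = parse_denials(SAMPLE_LOG)
    for ev in denials:
        print(ev["ts"], ev["user"], ev["model"], ",".join(ev["actions"]))
    print("repeated denials:", users_over_threshold(denials))
```

A single denial is usually a mistyped or bookmarked URL; several denials from one account across different actions in a short period are the ones worth reviewing.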