Filter out certian Roles

Is there a way to not display certain roles?

What we have is owner, Management, Operator. What I want to do is allow Management to be able to assign roles but I don’t want them to be able to see that there is even a Owner role. So when the user is logged in as owner they have no restrictions, when logged in as management, they can assign roles Management and Operator and when logged in as Operator they have to control.

I don’t think there is any way to do this with the built in ‘User Management’ component.
However, you could create your own management forms to do this and customize them any way you want.

In 7.7.? they added an Extension Function to the User Management component called filterRole() that can be used to filter Roles.

I found the filter roles but was only able to get it to either filter all or nothing. Do you have a suggestion for how to write it based on each case?

if role=="owner": return 0 else: return 1

[quote=“JordanCClark”] if role=="owner": return 0 else: return 1[/quote]
So this just always filters out owner. I am trying to filter out roles to only show the person logged in the roles that they are in and below.

Owner > Management > Operator.

So Owner see all, Management sees Management and Operator sees Operator.

Was kinda hoping it would spark some ideas for you…

You need to grab the current user, then get role information using system.user.getUser()

userName = system.security.getUsername() # Get currently logged in user userIn = system.user.getUser("", userName) # Get User object from UserSource ("" is project default) rolesIn=userIn.roles # Get available roles (returns as list) if "Owner" in rolesIn: # Check if "Owner" is in the user's role list return 1 # returns everything elif "Management" in rolesIn: # Check if "Management" is in the user's role list if role=="Owner": return 0 # disallow "Owner" else: return 1 # allow everything else else: # Otherwise... return 0 # disallow everything

1 Like

What I have done in situations like this is to have two user sources, so in your case:

place the “Owner” in the default user source and the others in a different source and make that source “soft” failover to the default.

In the project properties “Project/General” select the user source for the new source. This way the user management will only show the users for the new source and not the “Owner”.

The downside is that any roles that are unique to the default source will not show in the Security settings in the designer and will have to be scripted on to components. A work around is to add the role to the new user source while designing and use it then, and then delete it from that source after the design is complete, messy but it works