Row Level Permission Setup at User Level in X3

By | December 28, 2021

In X3, we can provide restricted data access to external BPs or we can have restricted filtering on data which can be viewed by only particular Bps. Row level permission is nothing but filtering the data in a selective manner as a function or user concerned to be presented to the users when connected via other external connections. Using row level permission, we can allow users to access certain data defined in user setup.

Principles of functioning:

  1. There are certain role codes provided in selection list representing as an object.
  2. A role is associated with a list of functions for which a filter is applied on a given field.
  3. You can define one or more roles for a particular user.

Once this setup is done and the roles are defined for users:

  1. A filter is created in the object (quick select list, selection windows) on the code(s) defined in the user record.
  2. A control is made during the creation of the filtered fields.
  3. A filter can be carried out in the requester.

For example, by default user A can access all sites existing in X3 or can create new sites, too. As given in below screenshot, you can see currently user A can see/access all the sites exist in X3.

Fig a: By default site access

But if you want that user A should access only particular sites or you want to allow user A to create sites with certain names then you can setup the same as per below screenshot. Follow below steps for the same.

  1. Navigate to: Setup > Users > Users > Select user A
  2. Here, in permission code you have to enter object code as ‘FCY’ (site) to which you want to restrict access. In ‘key’ column you can setup the values for respective objects as here values defined are ‘AO011’ and ‘AO012’ which means user A can access/see only these two sites.
Fig b : Role management

In below screenshot, you can see only sites ‘AO011’ and ‘AO012’ are accessible to user A.

Fig c : Restricted site access

Also, currently there is no existing site ‘YSITE’ which is defined below. That means user A cannot create any site except ‘YSITE’ in future. If he attempts to create any site other than this, he will get an error. For example, if user A attempts to create site ‘ZSITE’ then he will get an error as shown in below screenshot.

Fig d : error message

Thus, you can allow restricted data access associated with objects to the users.