Edit Permissions Dialog

Hello I am trying to setup and understand the security permissions.

But i feel there is a lack of documentation which explains the relationship of  three tabs - 'Users', 'Groups' and 'Membership' so i am struggling to understand how you actually use this at run time, and if I am struggling how do I explain it to my software users!

Can anybody explain the relationship of the three tabs and how i would use them ? - do i have to set up permissions in each of the three tabs etc.? 


Next problem also in the Edit Permissions Dialog, on the first tab named 'Users',  you have two boxes...

 Users |         | permissions

if I use the green arrow buttons to move a permission to a user I get an error saying 'Field ID is required but not supplied'.
I cannot see in uilSecurityManager where you set the ID field, I have checked the quick setup guide an I have created all the fields.
which table needs this 'ID'?


Note that the quick setup document also appears to have a small error in the users table which is a bit confusing...
it says create the field 'LoginName'   but in the uilSecurityManager its set by default to 'Username'.
This in itself is not a big problem but it does raise the question is there other errors which maybe causing errors like the ID one above.


I don't see a demo app anywhere - is there one?



Ok update...  I have fixed the ID problem by making sure each of my tables have an ID column which is an autoinc primary key.

Also found the demo apps under programs folder, so that's a big help!

Did you find the quick start PDF documentation?

In this area, the uilSecurityManagerDlg I'm finding things awkward as well. I need the admin user to be able to edit permissions, and you have a beautiful screen for that by double clicking the component. How do I bring that up at run time for the admin? For changing the Password I can do this uilChangePasswordDlg.Execute but you don't have an execute, or show, or run command to display the uilSecurityManagerDlg.

If you want to edit the form policies, which I guess is what you want, there is the uilFormPolicyDialog that you can use to edit at runtime (by calling Execute)
The other dialog is for user management uilSecurityDlg and that dialog you can also show at runtime. (by calling Execute)
This is both demonstrated in the demo under menu items Tools : User Management and also under Tools : Form Policy

I did eventually figure that out. My question is now if I choose make visible/invisible for a menu item and add the person or group policy that makes it invisible to them how do I change that programmatically or does it just make it invisible if your on the list and you have to take them off the list to allow them to see it.. Also does it just do this at start up of the application or can I control it while they are in the application? Please excuse me if this is confusing, I'm hoping I am phrasing it right.

The initial setting is applied on form loading and it is changed when performing a login on the security system according to the policies of the logged-in user

So, what I'm seeing, is I have a menu item called "Employees Data" Joe is an admin, Sam is a clerk. If I do a policy for Clerks (which I have Sam under) that sets Show/Hide (an eye icon), Sam won't be able to see that choice in the menu. What I want to do is, if Sam gets an emergency post for someone he doesn't know (while in the application that has security enabled), push a button that will get him temporary access to the "Employee Data" so the menu item becomes visible for him, or change his access based on the policy component (I have tried changing the tables to reflect use directly, but the program seems to have problems with that). My second question is: Since Joe has access he's in the middle of Changing Employee Data, and we find out he is changing data for profiteering. We need to stop it immediately. Is there a way to lock him out before he does any more harm, or is his security there till he logs out?

These settings are applied when the user logs in. So, you might try to programmatically logout and login again with this user after changing the DB.
For the case of Joe the admin, the privileges are active till logout, so a logout would have to be forced.