Sage MAS 90 and 200 Sage MAS 500 blogs Product Feedback Support Training

General Discussion Topics

Reply
Topic Options
tmcclure
Contributor
tmcclure
Posts: 25
Registered: 08-29-2011
0
Accepted Solution

Security Group List

Options

09-01-2011 12:18 PM

I'm new to MAS so please take that into account:

Can you give me an example of a script I can run using the Query Analyzer that will list all MAS users alphabetically, with a list of permissions that they have. As in, I want to return output of ONLY the permissions that are "Normal, Supervisory, View" and only Security Events that are "Yes".

I'm far too much of a SQL n00b to bang that query out correctly. I've made a few stabs at it but I figured I'd ask here.

username, permissions that are allowed (no excluded ones listed), Security Event YES's only (no NO's), and maybe the security group they're in for good measure...

:smileyvery-happy:

"Difficult takes a day; impossible takes a week" -- Jay-Z
Message 1 of 3 (115 Views)
 
Reply
jnoll Sage MAS Partner
Sage MAS Partner
jnoll
Posts: 420
Registered: 11-04-2008

Re: Security Group List

Options

09-01-2011 02:06 PM

Here is a quick SQL statement to expose all security permissions within MAS500 (both task and events) by user group. The security structure in the tables in MAS500 is misleading, because both the tsmSecurEventPerm and tsmTaskPerm tables do not contain a record for every user group unless a change is made. This view accounts for that and returns the full set.

 

IF object_id(N'dbo.vsmSecurPerms_RKL', 'V') IS NOT NULL
DROP VIEW dbo.vsmSecurPerms_RKL
GO

CREATE VIEW dbo.vsmSecurPerms_RKL 
AS
select md.ModuleID
, ug.UserGroupID
, case ISNULL(sem.Authorized,0)
when 0 then 'No'
when 1 then 'Yes'
end as 'Permission'
, ls.LocalText as Description
, 'Event' as SecType
from tsmusergroup ug with (nolock) cross join
tsmSecurEvent se with (nolock) inner join
tsmModuleDef md with (nolock)
on md.ModuleNo = se.ModuleNo
left outer join tsmSecurEventPerm sem with (nolock)
on se.SecurEventID = sem.SecurEventID and sem.UserGroupID = ug.UserGroupID
inner join tsmLocalString ls with (nolock)
on se.DescStrNo = ls.StringNo
UNION ALL
select md.ModuleID
, ug.UserGroupID
, case tp.Rights
when 1 then 'Excluded'
when 2 then 'Display Only'
when 3 then 'Normal'
when 4 then 'Supervisory'
else 'Excluded'
end 'Rights'
, tsd.TaskLongName
, 'Task' As SecType
from tsmUserGroup ug with (nolock)
cross join tsmTask t with (nolock)
left outer join tsmTaskPerm tp with (nolock)
on ug.UserGroupID = tp.UserGroupID and tp.TaskID = t.TaskID
join tsmModuleDef md with (nolock)
on t.ModuleNo = md.ModuleNo
join tsmTaskTypeDef ttd with (nolock)
on t.TaskTypeID = ttd.TaskTypeID
join tsmModuleStrDef msd with (nolock)
on t.ModuleNo = msd.ModuleNo
join tsmTaskStrDef tsd with (nolock)
on t.TaskID = tsd.TaskID
GO

GRANT SELECT ON dbo.vsmSecurPerms_RKL TO PUBLIC
GO
GRANT SELECT ON dbo.vsmSecurPerms_RKL TO ApplicationDBRole
GO

select * from vsmSecurPerms_RKL

 

 

 

Joe Noll
RKL eSolutions LLC
http://www.rklesolutions.com
Message 2 of 3 (105 Views)
 
Reply
tmcclure
Contributor
tmcclure
Posts: 25
Registered: 08-29-2011
0

Re: Security Group List

Options

09-02-2011 06:07 AM

Joe, you're my new hero. Not only for the fabulous code but for the opportunity to use it to better my own understanding so that I won't have to ask so many noob questions in the future.

 

That's exactly what I needed, thank you sincerely!

T

"Difficult takes a day; impossible takes a week" -- Jay-Z
Message 3 of 3 (100 Views)
 
Reply