JS security question

Classic Servoy
1

HI

for a table: orders I don’t want the user to be able to delete.

this is the example, servoy gives me:

row = new Array();
row[0] = 'example_data.orders';
row[1] = JSSecurity.READ|JSSecurity.INSERT|JSSecurity.UPDATE|JSSecurity.DELETE|JSSecurity.TRACKING; //use bitwise 'or' for multiple flags
dataset.addRow(row);//setting table security

do I need to set a ! in front the JSSecurity.DELETE?

so this:?

row = new Array();
row[0] = 'example_data.orders';
row[1] = JSSecurity.READ|JSSecurity.INSERT|JSSecurity.UPDATE|!JSSecurity.DELETE|JSSecurity.TRACKING; //use bitwise 'or' for multiple flags
dataset.addRow(row);//setting table security
2

I think you should just omit the DELETE constant…

3

I don’t understand.

if I just run the sample:

var colNames = new Array();
colNames[0] = 'uuid';
colNames[1] = 'flags';
var dataset = databaseManager.createEmptyDataSet(0,colNames);

row = new Array();
row[0] = 'example_data.orders';
row[1] = JSSecurity.READ|JSSecurity.INSERT|JSSecurity.UPDATE|JSSecurity.DELETE|JSSecurity.TRACKING; //use bitwise 'or' for multiple flags
dataset.addRow(row);//setting table security

security.setSecuritySettings(dataset);//to be called in solution startup method

I get this error:

ReferenceError: "JSSecurity" is not defined.
4

That is a known problem. Use security instead of JSSecurity. See this viewtopic.php?f=8&t=15346&p=82365

5

ah thanks Patrick, just found the topic myself!