How to restrict access to portal gadgets
This presentation is part of the Portals Overview Self-Study Course.
Transcript
The client wishes to mask functionality from some types of users and enable the functionality for others.
To do this you have two options:
- Create multiple copies of the gadgets and apply the various versions of the gadgets to the appropriate portals. This may force you to create new Portal rules as well.
- Modify the gadget itself, making it dynamic based on data associated with the user such as operator id fields, privileges, access groups, access roles, etc.
The second option is the preferred option since it allows you to reduce the need for multiple versions of gadgets and portals, and you will only need to maintain a single gadget rule.
Going back to the second scenario in this class, the client has decided that they have changed their mind and would like to continue to display the profile information to all users, but only allow users with a specific Access Role to click the links and display the various rules.
To accomplish this complete the following steps:
- Copy the gadget Data-Gadget.Profile to your customized RuleSet.
- Update the portion of the gadget you wish to influence utilizing the <pega:choose> JSP Tag.
To do this, you can make the display of the operator id an anchored link only if the Rule-Obj-When rule @ baseclass.hasAdminRole proves true. Using the <Otherwise> tag, the gadget simply displays the operator id as text.
You can use this functionality to also add reports for specific operators in reporting gadgets, hide reports from some users, and display functionality like bulk processing for specific users. The same philosophy can be used in displaying workbaskets and worklists in portals.