Solved

Context (scope)

  • 7 April 2022
  • 2 replies
  • 355 views
Rajith
Rank
Userlevel 2
Badge +5

Hi All,

question regarding Aurena contexts (scope). Just wanted to check if anyone has a workaround?

 

requirement: Some users must not see some fields on the Customer Order page.

 

Customer Order page is customised in Scope A (some fields hidden) and in Scope B (some other fields are hidden)

Is there a way to prevent User A accessing the page in scope B and User B accessing scope A.

if they know the url then there is no way to prevent that, am I correct?

 

Also prevent both of them accessing the global context for Customer Order page? that does not sound right though as everything comes from the global context.

 

TIA,

Rajith De Silva

 

icon

Best answer by Rusiru Dharmadasa 14 April 2022, 18:33

View original

2 replies

Rusiru Dharmadasa
Rank
Userlevel 7
Badge +19

If you use the context mapping page and assign scope A to user A, he sees all changes in this scope. Not the changes in the global context.

However if the user knows to change the URL, he can see the changes from other contexts as well. He just need to append scope =scope A at the end of the URL.

 

 Configurations and contexts are just client changes for the users to see a personalized view and that should never be used to control security as it’s  possible to easily bypass through various methods.

Rusiru
Rajith
Rank
Userlevel 2
Badge +5

Many thanks Rusiru.

Reply


Terms & ConditionsCookie settings