Question

Conditions to show delete button

0

Hi, I need to show a delete button only if the current user is the entity’s owner or he’s the administrator. I know “[%CurrentUser%]=$currentObject/System.owner “ is a solution to the first part, but I don’t know what to do regarding the second one.

asked 2020-09-01

Karen Gomes

3 answers

Javith Baig · Answer 1 · 2020-09-04

Hello Karen,

You can use like …/Administration.Account/System.UserRoles = '[%UserRole_Administrator%]'

Lennart Spaans · Answer 2 · 2020-09-04

Acces rules are defined per user role, so you only need to allow the Admin role to delete the objects.

Add an admin role to the module if you don't have it already.
Add a new acces rule for the entity, and tick the ‘allow deleting existing objects’ box.

Rene van Hofwegen · Answer 3 · 2020-09-06

Both can and should be covered at security level.

current user is the entity’s owner:

Access rule 1: allowed to delete objects: true

+ Whatever the module role is allowed to do

Add on the access rule an xpath: [System.owner='[%CurrentUser%]']

Access rule 2: allowed to delete objects: false

+ Whatever the module role is allowed to do

Administrator:

Access rule with: allowed to delete objects: true

+ Whatever the module role is allowed to do