Entity Access Restrictions

We want to define a hierarchy of employees, for that we have defined an relationship in the account entity called supervisor_supervised. We want to apply an XPath constraint at entity level so supervised data can only been seen by its supervisor or any supervisor above in the hierarchy. We do not want to define a fixed amount of layers in the hierarchy.     Does anyone know a way in which we can achieve this?
1 answers

Hi Dan,

The nature of an unlimited hierarchy doesn't lend itself well to XPath queries (or SQL queries as they ultimately are when run against the database).

Instead, I'd recommend that you keep your hierarchy association that administrators will be able to set, and then create a second many-to-many relationship that you maintain on commit of a change, which should be used for your XPath constraint. Whenever a change in supervisor is made, you'll want to "walk up the tree" from a user and add anyone who is their supervisor in the tree to the many-to-many relationship.

I've seen this design pattern work well in the past. But be wary of infinite loops when building this out - it can be easy to accidentally make a loop in your hierarchy.