Security on Post action in Journal Entry

FYI here because I'm working on the same thing. If you restrict the process based on a group and a user from that group attempts to post it appears to post the group but does not (no message). But, I went in as another user to post the group and couldn't open it; it said the first user already had the record open. For 8.03.409c it seems to keep the record open.

I used a pre-processing BPM for GLJrnGrp.PostGroupJournals to achieve the same thing...

Condition: the user called the method belongs to -> GL Post Approval group
Action: raise exception based on the Prevent Approver From Posting template

--- In vantage@yahoogroups.com, Jose Gomez <jose@...> wrote:
>
> Why not use Process Secrityr?
> System management - Security Process Security.
>
> *Jose C Gomez*
> *Software Engineer*
> *
> *
> *
> *T: 904.469.1524 mobile
> E: jose@...
> http://www.josecgomez.com
> <http://www.linkedin.com/in/josecgomez> <http://www.facebook.com/josegomez>
> <http://www.google.com/profiles/jose.gomez> <http://www.twitter.com/joc85>
> <http://www.josecgomez.com/professional-resume/>
> <http://www.josecgomez.com/feed/>
> <http://www.usdoingstuff.com>
>
> *Quis custodiet ipsos custodes?*
>
>
>
> On Wed, Sep 12, 2012 at 3:28 PM, Tony Hughes <thughes281@...> wrote:
>
> > **
> >
> >
> > John, thanks for the quick reply.
> >
> > I ran a trace and I could see the CheckBalance method of the
> > Epicor.Mfg.BO.GLJournalEntry object being called, and the post was the
> > PostGroupJournals method of Epicor.Mfg.BO.GLJrnGrp object.
> >
> > I did a "raise exception if not member of a group" on the
> > PostGroupJournals and it works as I want - stopping the Post process while
> > allowing creation of journal entries, saving of group, etc.
> >
> > Does this sound correct? Does anyone know if there are other places I need
> > to worry about this?
> >
> > PS. We are on 8.03.409a
> >
> > --- On Wed, 9/12/12, John Driggers <waffqle@...> wrote:
> >
> > > From: John Driggers <waffqle@...>
> > > Subject: Re: [Vantage] Security on Post action in Journal Entry
> > > To: vantage@yahoogroups.com
> > > Date: Wednesday, September 12, 2012, 6:42 PM
> >
> > > If I'm not mistaken, the Post process
> > > runs async and you can't really latch
> > > onto it with a BPM. That said, there is a PrePost (I believe
> > > that's the
> > > name, run a trace to check) method that gets called right
> > > before it. If you
> > > latch on to this, you should be ok.
> > >
> > > *John Driggers*
> > > **
> > > *Chief Data Wrangler*
> > > *
> > > *
> > > *I have an Epicor blog <http://usdoingstuff.com/>. How useful is that?*
> > > *
> > > *:: 904.404.9233
> > > :: waffqle@...
> > > :: http://www.usdoingstuff.com <http://www.usdoingstuff.com/>
> > >
> > > *
> > >
> > > *
> > >
> > >
> > >
> > > On Wed, Sep 12, 2012 at 2:32 PM, Tony Hughes <thughes281@...>
> > > wrote:
> > >
> > > > **
> > > >
> > > >
> > > > What is the security object for the Post action in
> > > Journal Entry?
> > > >
> > > > If I want to allow creating a journal entry for one
> > > group of people, but
> > > > only another person may actually Post, am I going about
> > > this the best way?
> > > > Thanks.
> > > >
> > > > Anthony Hughes
> > > >
> > > >
> > >
> > >
> > > [Non-text portions of this message have been removed]
> > >
> > >
> > >
> > > ------------------------------------
> > >
> > > Useful links for the Yahoo!Groups Vantage Board are: (
> > > Note: You must have already linked your email address
> > > to a yahoo id to enable access. )
> > > (1) To access the Files Section of our Yahoo!Group for
> > > Report Builder and Crystal Reports and other 'goodies',
> > > please goto: http://groups.yahoo.com/group/vantage/files/.
> > > (2) To search through old msg's goto:
> > http://groups.yahoo.com/group/vantage/messages
> > > (3) To view links to Vendors that provide Vantage services
> > > goto: http://groups.yahoo.com/group/vantage/linksYahoo!
> > > Groups Links
> > >
> > >
> > > vantage-fullfeatured@yahoogroups.com
> > >
> > >
> >
> >
> >
>
>
> [Non-text portions of this message have been removed]
>

What is the security object for the Post action in Journal Entry?

If I want to allow creating a journal entry for one group of people, but only another person may actually Post, am I going about this the best way?
Thanks.

Anthony Hughes

If I'm not mistaken, the Post process runs async and you can't really latch
onto it with a BPM. That said, there is a PrePost (I believe that's the
name, run a trace to check) method that gets called right before it. If you
latch on to this, you should be ok.

*John Driggers*
**
*Chief Data Wrangler*
*
*
*I have an Epicor blog <http://usdoingstuff.com/>. How useful is that?*
*
*:: 904.404.9233
:: waffqle@...
:: http://www.usdoingstuff.com <http://www.usdoingstuff.com/>

*

*

On Wed, Sep 12, 2012 at 2:32 PM, Tony Hughes <thughes281@...> wrote:

> **
>
>
> What is the security object for the Post action in Journal Entry?
>
> If I want to allow creating a journal entry for one group of people, but
> only another person may actually Post, am I going about this the best way?
> Thanks.
>
> Anthony Hughes
>
>


[Non-text portions of this message have been removed]

John, thanks for the quick reply.

I ran a trace and I could see the CheckBalance method of the Epicor.Mfg.BO.GLJournalEntry object being called, and the post was the PostGroupJournals method of Epicor.Mfg.BO.GLJrnGrp object.

I did a "raise exception if not member of a group" on the PostGroupJournals and it works as I want - stopping the Post process while allowing creation of journal entries, saving of group, etc.

Does this sound correct? Does anyone know if there are other places I need to worry about this?

PS. We are on 8.03.409a

--- On Wed, 9/12/12, John Driggers <waffqle@...> wrote:

> From: John Driggers <waffqle@...>
> Subject: Re: [Vantage] Security on Post action in Journal Entry
> To: vantage@yahoogroups.com
> Date: Wednesday, September 12, 2012, 6:42 PM
> If I'm not mistaken, the Post process
> runs async and you can't really latch
> onto it with a BPM. That said, there is a PrePost (I believe
> that's the
> name, run a trace to check) method that gets called right
> before it. If you
> latch on to this, you should be ok.
>
> *John Driggers*
> **
> *Chief Data Wrangler*
> *
> *
> *I have an Epicor blog <http://usdoingstuff.com/>. How useful is that?*
> *
> *:: 904.404.9233
> :: waffqle@...
> :: http://www.usdoingstuff.com <http://www.usdoingstuff.com/>
>
> *
>
> *
>
>
>
> On Wed, Sep 12, 2012 at 2:32 PM, Tony Hughes <thughes281@...>
> wrote:
>
> > **
> >
> >
> > What is the security object for the Post action in
> Journal Entry?
> >
> > If I want to allow creating a journal entry for one
> group of people, but
> > only another person may actually Post, am I going about
> this the best way?
> > Thanks.
> >
> > Anthony Hughes
> >Â
> >
>
>
> [Non-text portions of this message have been removed]
>
>
>
> ------------------------------------
>
> Useful links for the Yahoo!Groups Vantage Board are: (
> Note:Â You must have already linked your email address
> to a yahoo id to enable access. )
> (1) To access the Files Section of our Yahoo!Group for
> Report Builder and Crystal Reports and other 'goodies',
> please goto: http://groups.yahoo.com/group/vantage/files/.%c2%a0
> (2) To search through old msg's goto: http://groups.yahoo.com/group/vantage/messages
> (3) To view links to Vendors that provide Vantage services
> goto: http://groups.yahoo.com/group/vantage/linksYahoo!
> Groups Links
>
>
> Â Â vantage-fullfeatured@yahoogroups.com
>
>

Why not use Process Secrityr?
System management - Security Process Security.

*Jose C Gomez*
*Software Engineer*
*
*
*
*T: 904.469.1524 mobile
E: jose@...
http://www.josecgomez.com
<http://www.linkedin.com/in/josecgomez> <http://www.facebook.com/josegomez>
<http://www.google.com/profiles/jose.gomez> <http://www.twitter.com/joc85>
<http://www.josecgomez.com/professional-resume/>
<http://www.josecgomez.com/feed/>
<http://www.usdoingstuff.com>

*Quis custodiet ipsos custodes?*

On Wed, Sep 12, 2012 at 3:28 PM, Tony Hughes <thughes281@...> wrote:

> **
>
>
> John, thanks for the quick reply.
>
> I ran a trace and I could see the CheckBalance method of the
> Epicor.Mfg.BO.GLJournalEntry object being called, and the post was the
> PostGroupJournals method of Epicor.Mfg.BO.GLJrnGrp object.
>
> I did a "raise exception if not member of a group" on the
> PostGroupJournals and it works as I want - stopping the Post process while
> allowing creation of journal entries, saving of group, etc.
>
> Does this sound correct? Does anyone know if there are other places I need
> to worry about this?
>
> PS. We are on 8.03.409a
>
> --- On Wed, 9/12/12, John Driggers <waffqle@...> wrote:
>
> > From: John Driggers <waffqle@...>
> > Subject: Re: [Vantage] Security on Post action in Journal Entry
> > To: vantage@yahoogroups.com
> > Date: Wednesday, September 12, 2012, 6:42 PM
>
> > If I'm not mistaken, the Post process
> > runs async and you can't really latch
> > onto it with a BPM. That said, there is a PrePost (I believe
> > that's the
> > name, run a trace to check) method that gets called right
> > before it. If you
> > latch on to this, you should be ok.
> >
> > *John Driggers*
> > **
> > *Chief Data Wrangler*
> > *
> > *
> > *I have an Epicor blog <http://usdoingstuff.com/>. How useful is that?*
> > *
> > *:: 904.404.9233
> > :: waffqle@...
> > :: http://www.usdoingstuff.com <http://www.usdoingstuff.com/>
> >
> > *
> >
> > *
> >
> >
> >
> > On Wed, Sep 12, 2012 at 2:32 PM, Tony Hughes <thughes281@...>
> > wrote:
> >
> > > **
> > >
> > >
> > > What is the security object for the Post action in
> > Journal Entry?
> > >
> > > If I want to allow creating a journal entry for one
> > group of people, but
> > > only another person may actually Post, am I going about
> > this the best way?
> > > Thanks.
> > >
> > > Anthony Hughes
> > >
> > >
> >
> >
> > [Non-text portions of this message have been removed]
> >
> >
> >
> > ------------------------------------
> >
> > Useful links for the Yahoo!Groups Vantage Board are: (
> > Note: You must have already linked your email address
> > to a yahoo id to enable access. )
> > (1) To access the Files Section of our Yahoo!Group for
> > Report Builder and Crystal Reports and other 'goodies',
> > please goto: http://groups.yahoo.com/group/vantage/files/.
> > (2) To search through old msg's goto:
> http://groups.yahoo.com/group/vantage/messages
> > (3) To view links to Vendors that provide Vantage services
> > goto: http://groups.yahoo.com/group/vantage/linksYahoo!
> > Groups Links
> >
> >
> > vantage-fullfeatured@yahoogroups.com
> >
> >
>
>
>


[Non-text portions of this message have been removed]

Way back when we moved to 8, 5-6 yrs ago, I didn't realize you could do simple access/deny permissions on processes. So I wrote a lot of BPMs to do this.
Now that I know, I still do it the old way I did originally. I think because I like the message box capability on the raise exception. it lets me tell users that you can't do something, and if you need to, go see (insert name of person).
Is there advantage to using Process Security to allow/deny access to a method?

--- On Wed, 9/12/12, Jose Gomez <jose@...> wrote:

> From: Jose Gomez <jose@...>
> Subject: Re: [Vantage] Security on Post action in Journal Entry
> To: vantage@yahoogroups.com
> Date: Wednesday, September 12, 2012, 7:42 PM
> Why not use Process Secrityr?
> System management - Security Process Security.
>
> *Jose C Gomez*
> *Software Engineer*
> *
> *
> *
> *T: 904.469.1524 mobile
> E: jose@...
> http://www.josecgomez.com
> <http://www.linkedin.com/in/josecgomez>Â <http://www.facebook.com/josegomez>
> Â <http://www.google.com/profiles/jose.gomez> <http://www.twitter.com/joc85>
> Â <http://www.josecgomez.com/professional-resume/>
> <http://www.josecgomez.com/feed/>
> Â <http://www.usdoingstuff.com>
>
> *Quis custodiet ipsos custodes?*
>
>
>
> On Wed, Sep 12, 2012 at 3:28 PM, Tony Hughes <thughes281@...>
> wrote:
>
> > **
> >
> >
> > John, thanks for the quick reply.
> >
> > I ran a trace and I could see the CheckBalance method
> of the
> > Epicor.Mfg.BO.GLJournalEntry object being called, and
> the post was the
> > PostGroupJournals method of Epicor.Mfg.BO.GLJrnGrp
> object.
> >
> > I did a "raise exception if not member of a group" on
> the
> > PostGroupJournals and it works as I want - stopping the
> Post process while
> > allowing creation of journal entries, saving of group,
> etc.
> >
> > Does this sound correct? Does anyone know if there are
> other places I need
> > to worry about this?
> >
> > PS. We are on 8.03.409a
> >
> > --- On Wed, 9/12/12, John Driggers <waffqle@...>
> wrote:
> >
> > > From: John Driggers <waffqle@...>
> > > Subject: Re: [Vantage] Security on Post action in
> Journal Entry
> > > To: vantage@yahoogroups.com
> > > Date: Wednesday, September 12, 2012, 6:42 PM
> >
> > > If I'm not mistaken, the Post process
> > > runs async and you can't really latch
> > > onto it with a BPM. That said, there is a PrePost
> (I believe
> > > that's the
> > > name, run a trace to check) method that gets
> called right
> > > before it. If you
> > > latch on to this, you should be ok.
> > >
> > > *John Driggers*
> > > **
> > > *Chief Data Wrangler*
> > > *
> > > *
> > > *I have an Epicor blog <http://usdoingstuff.com/>. How useful is that?*
> > > *
> > > *:: 904.404.9233
> > > :: waffqle@...
> > > :: http://www.usdoingstuff.com <http://www.usdoingstuff.com/>
> > >
> > > *
> > >
> > > *
> > >
> > >
> > >
> > > On Wed, Sep 12, 2012 at 2:32 PM, Tony Hughes
> <thughes281@...>
> > > wrote:
> > >
> > > > **
> > > >
> > > >
> > > > What is the security object for the Post
> action in
> > > Journal Entry?
> > > >
> > > > If I want to allow creating a journal entry
> for one
> > > group of people, but
> > > > only another person may actually Post, am I
> going about
> > > this the best way?
> > > > Thanks.
> > > >
> > > > Anthony Hughes
> > > >
> > > >
> > >
> > >
> > > [Non-text portions of this message have been
> removed]
> > >
> > >
> > >
> > > ------------------------------------
> > >
> > > Useful links for the Yahoo!Groups Vantage Board
> are: (
> > > Note:Â You must have already linked your
> email address
> > > to a yahoo id to enable access. )
> > > (1) To access the Files Section of our Yahoo!Group
> for
> > > Report Builder and Crystal Reports and other
> 'goodies',
> > > please goto: http://groups.yahoo.com/group/vantage/files/.
> > > (2) To search through old msg's goto:
> > http://groups.yahoo.com/group/vantage/messages
> > > (3) To view links to Vendors that provide Vantage
> services
> > > goto: http://groups.yahoo.com/group/vantage/linksYahoo!
> > > Groups Links
> > >
> > >
> > >Â Â Â Â vantage-fullfeatured@yahoogroups.com
> > >
> > >
> >
> >Â
> >
>
>
> [Non-text portions of this message have been removed]
>
>
>
> ------------------------------------
>
> Useful links for the Yahoo!Groups Vantage Board are: (
> Note:Â You must have already linked your email address
> to a yahoo id to enable access. )
> (1) To access the Files Section of our Yahoo!Group for
> Report Builder and Crystal Reports and other 'goodies',
> please goto: http://groups.yahoo.com/group/vantage/files/.%c2%a0
> (2) To search through old msg's goto: http://groups.yahoo.com/group/vantage/messages
> (3) To view links to Vendors that provide Vantage services
> goto: http://groups.yahoo.com/group/vantage/linksYahoo!
> Groups Links
>
>
> Â Â vantage-fullfeatured@yahoogroups.com
>
>