+ Start a Discussion
baller4life7baller4life7 

ACCESS rights for vf page based on user roles/groups

Hey guys,

I already know that one can set access rights for vf pages based on user profiles. But what is the best and quickest way to set access rights based on user roles/groups?

 

Thank you

Josh

Best Answer chosen by Admin (Salesforce Developers) 
baller4life7baller4life7

Here's my final solution:

 

Controller:

 

public Boolean isMemberOfGroup
{ set; }

// Returns whether the current user is in a certain group or not
public Boolean getIsMemberOfGroup()
	{
		if(UserInfo.getUserRoleId() != null)
		{
			List<String> roleRelatedGroupIds = new List<String>();
			for (Group g : [SELECT id, RelatedId, Type
							FROM Group
							WHERE RelatedId = :UserInfo.getUserRoleId()])
			{
			   roleRelatedGroupIds.add(g.id);
			}

			for (GroupMember gm : [SELECT Id, group.id, group.name, group.type
						FROM GroupMember
						WHERE (UserOrGroupId = :UserInfo.getUserId() AND group.type='Regular')
						OR (UserOrGroupId IN :roleRelatedGroupIds AND group.type='Regular')])
			{
				if(gm.group.id == 'xxxxxxxxxxxx')
					return true; 
			}
		}
		return false;
	}

 

Visualforce Page:

 

...

    <apex:outputText value="You are not allowed to access this site" rendered="{!NOT(isMemberOfGroup)}"></apex:outputText>
    <apex:pageBlock rendered="{!isMemberOfGroup}">

...

 

Works for me! :)

All Answers

Shashikant SharmaShashikant Sharma

Don't  think there is any way that salesforce provides for Setting Access right on Pages. You have to use your own way like using a custom seeting where you can set and render a message insuffiecient priviledges  according to custom setting.

baller4life7baller4life7

Thank you for your fast answer!

Would you recommend a controller with a boolean property and a boolean method that checks whether the current user is in a certain role/group?

 

How can I forward the user to a specific site ( something like "Sorry, no access rights!" ), if the user is not in that certain role/group?

Shashikant SharmaShashikant Sharma

You can have a page level action in this you will check the rights and if user does not have you can just navigate user to some other page showing "Sorry, no authorization!" .

baller4life7baller4life7

Thanks for your answer!

I'm quiet new to Salesforce.com. Please give me a small code example how that could look like!

 

Thank you

Josh

baller4life7baller4life7

Here's my final solution:

 

Controller:

 

public Boolean isMemberOfGroup
{ set; }

// Returns whether the current user is in a certain group or not
public Boolean getIsMemberOfGroup()
	{
		if(UserInfo.getUserRoleId() != null)
		{
			List<String> roleRelatedGroupIds = new List<String>();
			for (Group g : [SELECT id, RelatedId, Type
							FROM Group
							WHERE RelatedId = :UserInfo.getUserRoleId()])
			{
			   roleRelatedGroupIds.add(g.id);
			}

			for (GroupMember gm : [SELECT Id, group.id, group.name, group.type
						FROM GroupMember
						WHERE (UserOrGroupId = :UserInfo.getUserId() AND group.type='Regular')
						OR (UserOrGroupId IN :roleRelatedGroupIds AND group.type='Regular')])
			{
				if(gm.group.id == 'xxxxxxxxxxxx')
					return true; 
			}
		}
		return false;
	}

 

Visualforce Page:

 

...

    <apex:outputText value="You are not allowed to access this site" rendered="{!NOT(isMemberOfGroup)}"></apex:outputText>
    <apex:pageBlock rendered="{!isMemberOfGroup}">

...

 

Works for me! :)

This was selected as the best answer
Hary464Hary464

HI friends,

 

In my application i have requirement for one visulaforce page like if supervisor logins,need to display the entire header component of the page along with the managers records and the employees under that manager.if manager logins,need to display all the employees under him and if employee logins,no need to show the header.

 

 

Please help me..i am unable to write the SOQL query to fetch id's.


baller4life7 wrote:

Here's my final solution:

 

Controller:

 

public Boolean isMemberOfGroup
{ set; }

// Returns whether the current user is in a certain group or not
public Boolean getIsMemberOfGroup()
	{
		if(UserInfo.getUserRoleId() != null)
		{
			List<String> roleRelatedGroupIds = new List<String>();
			for (Group g : [SELECT id, RelatedId, Type
							FROM Group
							WHERE RelatedId = :UserInfo.getUserRoleId()])
			{
			   roleRelatedGroupIds.add(g.id);
			}

			for (GroupMember gm : [SELECT Id, group.id, group.name, group.type
						FROM GroupMember
						WHERE (UserOrGroupId = :UserInfo.getUserId() AND group.type='Regular')
						OR (UserOrGroupId IN :roleRelatedGroupIds AND group.type='Regular')])
			{
				if(gm.group.id == 'xxxxxxxxxxxx')
					return true; 
			}
		}
		return false;
	}

 

Visualforce Page:

 

...

    <apex:outputText value="You are not allowed to access this site" rendered="{!NOT(isMemberOfGroup)}"></apex:outputText>
    <apex:pageBlock rendered="{!isMemberOfGroup}">

...

 

Works for me! :)