Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › Data Bridge › SecurityAssist › Show regions all showing up

Show regions all showing up

Thread began 10/29/2014 3:55 pm by rgolab68503 | Last modified 11/05/2014 10:15 am by Jason Byrnes | 1963 views | 9 replies |

10/29/2014 3:55 pm | #1 rgolab68503

Show regions all showing up

Hi Jason,

A while back when I created the site and then the email verify section I had everything working when it came to security and security levels. Show an hide regions. I created the first part of the site for a download and all of a sudden the security doesn;t work the same.

The scenario is we have a variety of visitors to the site. Either media people, dealer, sales reps, intermediate admin, admin or super user.

I have set up the login pages etc. and the users. Everything with the standard "Logged in to entry" works fine. However when logged in to this level everything shows up. All the menus that I would like hidden. i can't figure out where I changed something so that the security levels do not work anymore.

Not sure if i have given you enough details. Please let me know if you need more information.

10/30/2014 1:14 pm | #2 Jason ByrnesWebAssist

See Pm

10/30/2014 2:48 pm | #3 rgolab68503

When you log in with the guest info I gave you you should not be seeing the menus circles in the attached photo (menus.jpg).

I set up a temp user for you in the info below with a username and password. If you log in with those credentials you should be an admin person and the screen should look like it is in the picture. Other levels loose some of the other columns.

10/31/2014 9:53 am | #4 rgolab68503

Hi Jason. FTP info provided should work. Please let me know if you have issues.

10/31/2014 11:07 am | #5 Jason ByrnesWebAssist

The problem is in the way the rules are configured.

for example, the Toyo Rep rule is defined as:

Allow? IF Session SecurityAssist_ID Not Equal blank value
Allow? IF Session emailVerified Equal 1
Allow? IF Session Level In Group Toyo Rep

The way this gets evaluated is success because the Session SecurityAssist_ID is Not Equal blank value.

when using multiple conditions like this, the first condition that can be answered, causes the rule to be true

the way to configure this would be as:
Restrict? IF Session SecurityAssist_ID Equal blank value
Restrict? IF Session emailVerified Not Equal 1
Allow? IF Session Level In Group Toyo Rep

So the way that would be evaluated is:
Restrict? IF Session SecurityAssist_ID Equal blank value - Session is not equal "", no answer, so move to next
Restrict? IF Session emailVerified Not Equal 1 - session is equal to 1, no answer so move to next
Allow? IF Session Level In Group Toyo Rep - ok, session is in group, so allow, success

Or if the session was not in group, it would be false, so restrict.

11/03/2014 12:24 pm | #6 rgolab68503

Hi Jason,

I changed the rules to state:
Restrict? IF Session emailVerified Not Equal 1
Allow? IF Session Level In Group Toyo Rep

And the same for the other levels each pointing to their individual groups that allow for more access numbers in the column "Level". I get the same results. I am wondering if i have the session set properly and if it is even passing on this data at login?

I am also wondering that if I leave this line in within my Server side include ...
<?php require_once( "../webassist/security_assist/helper_php.php" ); ?>

See (error_message-1.jpg)

This line of course in in my source file. But when I remove this line the errors disappear and the page loads properly but in my servers behaviors panel when I am in and editing that include it states "prior version" (see attachment Levels-prior version.jpg) and if I try to update it from here I get the Javascript error (see attachment Java-error.jpg).

What is showing up now is no matter what i log in as (dealer, admin etc.) all that shows up is the first column. The mid-menu.php include does not show up at all.

Any ideas?

Now if i understand the security groups properly say you are a "super user" and you are logged in it looks to the groups and levels and sees that if column Level equals a 1,2,3,4 (all possible levels) then that area should show up. If they log in as say an admin they are set to 1,2,3 so only have access to those levels. In my mind this should work if the session is being passed properly.

FYI I even added on more restriction ...
Restrict? IF Session Level Not Equal 1
To see if that would help but same results.

I'll keep trying but if you could let me know where I'm going wrong hopefully that could speed things up a bit.

11/03/2014 1:02 pm | #7 Jason ByrnesWebAssist

Please provide a Skype username or a US phone number and a good time to contact you when you will be in front of your computer and we will have an engineer contact you to resolve this issue over the phone.

We are available Monday - Friday from 9am - 4pm EST (except major U.S. holidays).

11/03/2014 1:16 pm | #8 rgolab68503

See PM

11/05/2014 9:39 am | #9 rgolab68503

Hi Jason, thanks again for explaining the issue so clearly. I completely got the concept of the rules backwards.

Have a great day.

11/05/2014 10:15 am | #10 Jason ByrnesWebAssist

you're welcome.

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.