Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › Data Bridge › SecurityAssist › Security access rules.

Security access rules.

Thread began 2/19/2015 6:23 am by bbgd | Last modified 2/19/2015 11:18 am by Jason Byrnes | 3149 views | 9 replies |

2/19/2015 6:23 am | #1 bbgd

Security access rules.

I would appreciate it if you could check my access rules to make sure i have them where they need to be.

Level 1 (MobileSupport) should only get into mobile_support.php & investors.php
Level 2 (OffGrid) should only get into offGrid.php & investors.php
Level 3 (FracWater) should only get into frac_water_filtering.php & investors.php
Level 4 (MajorClients) should be able to get into any of the 3 levels above.
Level 5 (Exec )should get it not expanded_scenarios.php, contactInfo.php and all pages assigned to levels 4 and below
Level 6 (Admin) should get into everything

I have attached the username and passwords for each in the private attachment

2/19/2015 9:22 am | #2 Jason ByrnesWebAssist

no, that doesn't look right.

your access groups look off.

for eaxmple:
Level 1 (MobileSupport) should only get into mobile_support.php & investors.php

so you are saying that user level 1 and 6 (Admin) should have access to mobile_support.php & investors.php

on those 2 pages you have applied the Exec access rule which is defined as:
Allow if Session Userlevel In Group Exec

The exec group is defined with the following members:
5

now there are 2 problems with this:
- this is not the level you say should get access to these pages, 1 is

- since you want these pages to be accessible to the admin also, the group should include 6

you have an access rule for mobile support, but it is set as:
all if Session user level = 1

you should create a mobile support user group with members 1 and 6 and use that group in the mobile support access rule, and use that access rule on the desired pages.

honestly your access groups look totally off.

the admin access group is defined with members:
1,2,3,4,5,6

that seams of, it should only have one member:
6

which is the admin user level.

2/19/2015 9:57 am | #3 bbgd

I'm still confused. What i am putting in the group is the security level of who I want to see that page. If that's so, is the following correct

Level 1 (MobileSupport) 1 & 6 in group
Level 2 (OffGrid) 2 & 6 in group
Level 3 (FracWater) 3 & 6 in group
Level 4 (MajorClients) 1, 2, 3, 5 & 6 in group
Level 5 (Exec ) 4, 5 & 6 in group
Level 6 (Admin) 6, no group

2/19/2015 9:59 am | #4 Jason ByrnesWebAssist

that looks correct.

also, make sure you have the proper access rule applied to the pages, as noted, you had applied the Exec access rule to pages that should be using the Mobile Support rule.

2/19/2015 10:32 am | #5 bbgd

I uploaded the new security assist stuff and now I can get into anything without a code. help. There is going to be some real sensitive stuff on here soon.

This is an addition. I just realized I have those empty things again. I will fix, re-upload and see what that does.

2/19/2015 10:35 am | #6 Jason ByrnesWebAssist

each of the access groups has an empty member.

For example, edit the Admin Access Group, and try to select the space under the 6, it allows you to select an empty space, delete that empty member.

same holds true for all access groups except Power Users and Admin and Visitor and Power users and Visitors

2/19/2015 10:52 am | #7 bbgd

Okay, I fixed the empty member problem. I deleted the cookies and went back to the page. I logged in the offGrid page which is level 2 and signed in with the code for level 4 which has access to 1, 2, & 3 levels. i then went to the contact info on the contact us. This is designated as Exec or level 5. I was able to get in without the code.

This is where my problem is. I want level 5 to be able to get into levels 1-4, but i don't want levels 1-4 to get into level 5. How do I put that.

2/19/2015 11:09 am | #8 Jason ByrnesWebAssist

I don't quite follow.

looking at the offered page, you have applied the offGrid access rule which is defined as
allow if user lever in group offGrid

offGrid has members defined as:
6,4,2

you can access that page when logged in as level 4 because 4 is a member of the access group that page uses.

"This is where my problem is. I want level 5 to be able to get into levels 1-4, but i don't want levels 1-4 to get into level 5. How do I put that."

it doesn't really work that way.

pages that you want to be accessed by levels 1-5 create a rule with an access group for levels 1-5

pages that level 5 should not be able to access, don't add level 5 to access group.

2/19/2015 11:12 am | #9 bbgd

I'm starting to grasp it. I need to add a seperate group for a 1-5 allowance

2/19/2015 11:18 am | #10 Jason ByrnesWebAssist

yes, if there are pages that need 1-5 allowance, you need a group and access rule to define that.

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.