How to check the user's access group profile correctly?

K

KTG2017-07-26 10:51:57

1C

KTG, 2017-07-26 10:51:57

If an external report, the only one on which you need to limit the rights.
To do this, I created an empty profile of access groups - "SuperAccess".
In the report code, when opening, you need to check whether this profile is assigned to the user or not.
While doing so, by request:

Запрос.Текст = "ВЫБРАТЬ
        			| ГруппыДоступа.Ссылка
    				|	ИЗ
        			| Справочник.ГруппыДоступа КАК ГруппыДоступа
    				|	ГДЕ
        			|		ГруппыДоступа.Пользователи.Пользователь = &ТекущийПользователь
        			|			И 
          |		ГруппыДоступа.Наименование = "СуперДоступ";
  Запрос.УстановитьПараметр("ТекущийПользователь", ПараметрыСеанса.ТекущийПользователь);

How correct is the approach to solving the problem?
Maybe there are some built-in commands?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

Y

Yuri Goncharuk, 2017-07-26
@yukon39

Apparently, a BSP-based configuration is used. Can use the regular capabilities of the subsystem "Additional reports and processing"? There you can list by name all users to whom this report will be available.

A

Anton Anton, 2017-07-26
@Fragster

The external report must not depend on the profile names in the configuration. It's best to turn on RLS, create a profile with the right to this external report only, and write "everything except this" in other profiles that have access to external reports.