Prefix-based authorization codes, or Auth Codes, provide one way of restricting which users can create and edit exceptions. Using this method, each user is assigned one or more Auth Codes in the Dashboard application.
Auth Codes can range from one up to ten characters in length.
Any exception created by the user must have one of the user's allowed Auth Code set on it. Users can edit and delete any exception with an Auth Code that begins with one of that user's allowed codes. For example, if a user has an allowed code of 'ABC', that user can edit any exception whose Auth Code is 'ABC', 'ABCD', 'ABCE', etc. Users can view all exceptions.
Two options providers have been added to Self-Service to support prefix-based Auth Codes. The XML elements corresponding to these providers are found at the top of exception.xml:
<options name="authCodeOptions" provider="uachieve.selfservice.area.exception.web.provider.PrefixBasedAuthCodeOptionsProvider" /> <options name="reqOptions" provider="uachieve.selfservice.area.exception.web.provider.PrefixBasedAuthCodeRequirementOptionsProvider" />
Make sure that these elements are not commented out.
Next, configure any exception types that the authentication code restrictions will be on. To display the Auth Code field options for an exception type, add these lines to the page for that exception type:
<column name="authCode" label="Auth Code"> <detailView inputType="menu" options="authCodeOptions" allowBlank="false"> <permissions edit="nobody" read="SS_AREA_EXCEPTION" create="SS_AREA_EXCEPTION" /> </detailView> </column>
Some exception types (such as requirementmod) need a requirement name. Requirements can also be assigned Auth Codes. To limit which requirements the user can select, add these lines to the page for the exception type:
<column name="rname" label="Requirement Name"> <detailView inputType="menu" options="reqOptions" /> </column>
New in 188.8.131.52