Is there a way to setup rules in LS9 so Pay Rates of individuals with certain Job Codes can be hidden?
We need the ability for our HR and Payroll people to process and work in HR11, but only allow the managers of those departments to see the pay of executives. All of the executives have job codes above 8000 and are present in multiple companies and process levels.
We have something similar written by the consultant. Ours is based on another field, but it is similar. A group element is created. We have 3 security classes for no payroll access, all payroll access, and restricted payroll access (ie, payroll access if the employee is not an executive). The restrict security class looks something on that element group like:
if(isAlphaInRange(trim(getDBFieldByIdx('EMPLOYEE','JOBCODE',A'EMPSET1',COMPANY,EMPLOYEE)), '', ' You want to protect the fields on files (used in drills) and screens. The fields would have something like the following but look for the syntax: if(isElementGrpAccessible('','','',.COMPANY,table.EMPLOYEE)){'ALL_ACCESS,'}else{'NO_ACCESS,'} The screen fields like pay rate and calculated fields such as prorated salary and compa ratio would have something like: if(isElementGrpAccessible('','','',lztrim(form.EMP_COMPANY),lztrim(form.EMP_EMPLOYEE))){'ALL_ACCESS,'}else{'NO_ACCESS,'} ALL_ACCESS could be ALL_INQUIRIES or whatever you need. I apologize for typos or for issues with the job code field as I never remember when the hyphens are used or not used. The only issue we have had with this code is that security could not do the call to the database one day, and some people who had restrict access were able to see more than they should. Security issues no error messages to the users, but it put millions of lines into our ladb.log file. The rest of Lawson could connect to the database. I put in a ticket only to be told the issue was VMware which is a response I get every time I have a problem with DB connections or disappearing PIDs. If I had time to redo this, I would have included the lack of a job code as well as the restricted range as no access just in case the call returns nothing.
You want to protect the fields on files (used in drills) and screens. The fields would have something like the following but look for the syntax:
if(isElementGrpAccessible('','','',.COMPANY,table.EMPLOYEE)){'ALL_ACCESS,'}else{'NO_ACCESS,'}
The screen fields like pay rate and calculated fields such as prorated salary and compa ratio would have something like:
if(isElementGrpAccessible('','','',lztrim(form.EMP_COMPANY),lztrim(form.EMP_EMPLOYEE))){'ALL_ACCESS,'}else{'NO_ACCESS,'}
ALL_ACCESS could be ALL_INQUIRIES or whatever you need.
I apologize for typos or for issues with the job code field as I never remember when the hyphens are used or not used.
The only issue we have had with this code is that security could not do the call to the database one day, and some people who had restrict access were able to see more than they should. Security issues no error messages to the users, but it put millions of lines into our ladb.log file. The rest of Lawson could connect to the database. I put in a ticket only to be told the issue was VMware which is a response I get every time I have a problem with DB connections or disappearing PIDs.
If I had time to redo this, I would have included the lack of a job code as well as the restricted range as no access just in case the call returns nothing.
jbaisch, did you get this to work? I've been trying to figure out how best to handle a similar situation. I wish they'd have made it easy and put all the execs in a separate process level!