Hi everybody,
- Currently I have set up a user within a User Group that it has a Role (profile) associated
- This User Group has also very limited permissions (no design, no Zoom, basic tables, etc.)
- Role (profile) associated was customized (using /?customize&profile=XXXX) to hide different Unit Cost columns on Item, Item Ledger, etc.
- Role (profile) associated was customized also to prevent to be changed on Settings > My Settings > Role selector by hidding this field
- Checkbox "DisaRole (profile) associated was customized also to prevent to be changed on Settings > My Settings > Role selector by hidding this field
- "Disable Personalization" checkbox was also checked on user's Role (profile)
At this point, everything worked fine, so user couldn't change his role and see hidden columns. However, any sharp user could open BC by setting profile parameter in URL (bc-onprem/ and see any other data that he/she shoudn't.
Is there any way to avoid that within BC?
PD: I guess I can setup a group of allowed URLs on IIS preventing use of specific roles, but maybe that is like use a hammer to crack a nut...I've also tried out to disable read permissions to All Role table (200000178), but didn't worked as well.
Thanks in advance.
Roger
