Sage 100

v2017 - It appears that security was tightened a bit in this release. We use a button script to archive vendor invoices. Certain users have the ability to overwrite an existing archive PDF if they belong to specific customization group in user maintenance. The script worked well in v2015. However it stopped working when we upgraded to v2017. After much trial and error, the user must at least have view rights to user maintenance for the line below to execute now. set oUser = oSession.AsObject(oSession.GetObject(""SY_User_bus"")) Does anyone have a work around for this? I can grant the user ""secret"" access for now, but it does allow the user to view user maintenance. Thoughts? TIA

What are you accomplishing with oUser? Checking some other permission?

the user customization group code has REV. The script determines whether the user is part of this REVision group. If they are, the script will execute. I suppose we could create a panel for this group and remove the validation lines or even use an @AlnoorCassim script to hide the button if they aren't members of the group. The button script worked well for two years.

Make a new role called CanChangePDF or BottomLiners or KaraokeMisfits or Cantankerites or something. Give it a description but don't choose any tasks, security events, module options. In User Maintenance select users that are part of this special customization group and just add this new role for them. Don't change whatever else they got. Change your script to use the IsMember() function to check if the current user is a member of CanChangePDF. The return value is either 0 (not a member so exit script) or > 0 (is a member ergo continue script). Take off the View Only access in User Maintenance.

To piggyback off Alnoor's comment, your IF could look like this: IF cBool(oSession.AsObject(oSession.Security).IsMember(""CanChangePDF"")) THEN

#KaraokeMisfits HHHHahha!

I always wondered if people understood Alnoor's and my inside jokes........