Article Details
| Id: | 19971 |
| Product: | finPOWER Connect |
| Type: | NEW |
| Version: | 4.00.01 |
| Opened: | 24/01/2023 |
| Closed: | 20/02/2023 |
| Released: | 20/03/2023 |
| Job: | J030351 |
Portals; Allow Clients to download Account and Client Documents not belonging to the signed-in Client
Web Services security prevents Clients accessing another Client's Documents or Documents for an Account that the Client is not listed on.
However, there may be situations where a Portal needs to allow this functionality.
By encrypting the Id of the Account or Client when generating an Application Shortcut, this can be achieved, e.g.:
ApplicationShortcut = finBL.CreateApplicationShortcutDocumentManagerFile("Account", "AdviceA.PDF", finBL.HtmlWidgetUtilities.EncryptId("L10012"))ApplicationShortcut = finBL.CreateApplicationShortcutDocumentManagerFile("Client", "LetterA.PDF", finBL.HtmlWidgetUtilities.EncryptId("C10012"))
The above example allows the generated Application Shortcuts to download a document in Account L10012's Document Manager, even if the signed-in Client isn't listed on this Account. The second example allows the Client to download a different Client's Document.