Script to check if current user is in a Security Group

A typical business case is to prevent editing of some specific fields to a set of organizational roles in Maximo. This is typically achieved by implementing attribute data restriction or conditional UI.

However, if you need more control over what field should be readonly and when, you can use an automation script on the INIT event of the object and implement the business rules in the code.

In the following script you will find the userInGroup function that can be reused whenever needed.

# Launch Point: PO - Initialize
# Initialize PO object
from psdi.server import MXServer

# Returns True if the user is in one of the groups
def userInGroup(grouplist):
    guSet = MXServer.getMXServer().getMboSet("GROUPUSER", mbo.getUserInfo())
    guSet.setWhere("userid='" + user + "' and groupname in (" + grouplist + ")")
    if guSet.isEmpty():
        return False
    return True

# description is readonly if the current user is not in MAXADMIN or PURCHMANAGER groups
if not userInGroup("'MAXADMIN', 'PURCHMANAGER'"):
    mbo.setFieldFlag("DESCRIPTION", mbo.READONLY, True)

A better approach…

Jason VenHuizen is suggesting a better approach that use a custom security option to grant the special behavior in the application. The technique is well described at the end of this post.

Script to check if current user is in a Security Group

One thought on “Script to check if current user is in a Security Group

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top