Skip to main content
Version: 1.21.3

User Criteria

In SimpleOne, access to content items and categories is controlled by the system administrators. They can create user criteria records and define access conditions to any objects based on the criteria specified.

Create user criteria


tip

Role required: admin, security_admin (for сreate-read-update-delete operations, also known as CRUD).

Users with non-administrative roles can only view user criteria created earlier.

To create a user criteria record, complete the steps below:

  1. Navigate to User Administration → User Criteria.
  2. Click New and fill in the fields.
  3. Click Save or Save and exit to apply the changes.

User criteria form fields

FieldMandatoryDescription
NameNSpecify the record name.
RolesNSpecify roles users should match.
GroupsNSpecify groups users should match.
UsersNSpecify user records to match.
Advanced conditionsNSelect this checkbox to specify a more precise condition. When selected, the Conditions field appears.
ConditionsNSpecify a more precise condition for your criteria using the condition builder. Empty condition always returns true.
This field appears when the Advanced conditions checkbox is selected.
Specified conditions are applied to users from the Employee table. For users from the User table and other tables extended from it, or from the Employee table, specified conditions return false.
Match all rolesNSelect this checkbox if the user must have all roles specified in the Roles field to meet the criteria.
Match all groupsNSelect this checkbox if the user must be a member of all the groups specified in the Groups field to meet the criteria.
ActiveNSelect this checkbox to activate the user criteria.
CompaniesNSpecify the company the user should match. Leave this field empty if users from all companies are allowed.
LocationsNSpecify the location the user should match. Leave this field empty if users from all locations are allowed.
DepartmentNSpecify the divisions the user should match. Leave this field empty if users from all divisions are allowed.
Match allNSelect this checkbox if all conditions in this record must be met to provide access. If the checkbox is clear, users must meet one of the criteria to gain access.
As an example, consider the following user criteria record with the conditions:
  • Location P or Q
  • Company X or Y
If the Match all checkbox is selected, access is permitted only to the users with these locations and companies. An employee from company X and location Q can access objects, as well as an employee from company Y and location P.
If the Match all checkbox is clear, a user must meet at least one of these conditions. An employee with a location Q as well as an employee with company X can access objects.

API usage


The SimpleUserCriteria server-side API class allows you to perform your tasks when you work with the user criteria functionality.

Use case


You need to restrict access to the service catalog so that only certain users can access and manage it: users of the Content managers group from Moscow, Russia.

To do so, create a user criteria record and set the conditions.

  1. Navigate to User Administration → User Criteria.
  2. Click New and fill in the fields:
FieldValue
NameCriteria for Service Catalog
Groupscontent_manager
LocationMoscow, Russia
  1. Navigate to System Secutiry → Access Control (ACL).
    • In the Table field, select Service Catalog.
  2. Fill the script with the following SimpleUserCriteria() method – userAcceptanceByCriteria(user, criteria).
const uc = new SimpleUserCriteria();
ss.info(uc.userAcceptanceByCriteria(ss.getUserID(), '158617888715304763'));
// Info: true