Security and Show/hide Expressions


Specify how to apply security settings and server-side show/hide expressions to individual columns in the SQL queries that are used to populate List and ViewBox controls.


To define security and/or server-side show/hide expressions for individual columns in a SQL query, click on the smart field for the Security and Show/hide Expressions property (as shown in the image below)

This will open a builder where you can define settings for each column in the SQL query.

At run-time, before the SQL is executed, if any of the columns in the SQL SELECT statement have security or show/hide expressions, the columns that should not be shown are removed from the SQL SELECT statement. This means that if a user is not authorized to see a particular column in a SQL query, the data that are sent to the client does not include the excluded columns.

Contrast this with applying security or show/hide expressions to individual fields in the List (in the 'Fields' pane of the List builder). When you apply security to List fields that merely removes a hidden column from the List display. But the data for the hidden column is still set to the client and would be visible if the user viewed the source of the page.

You can only apply security and show/hide settings to the SQL if Alpha Anywhere can parse the SQL statement. For example, if the data source for a List is a stored procedure, then, since this is not a parse-able statement, you cannot apply security and show/hide settings.