No wonder, that must be something to do with error display and redirect that I opted the alternative. I think I wanted to just output the error message without having the page reload when user account status is inactive.
Thank you for sharing the steps 
I’ll update you on the outcome after trying it.
I setup the server action with permission and condition as per your post. Unfortunately, it didn’t work as expected.
I was still able to login with the user credentials where the status had been set to inactive.
That should not have been the case. Can you share some screenshots/code?
Hi @sid,
I have deleted the server action. But this was how I had set it up.
- I have 2 tables - tbl_user & tbl_user_data
- Database Action
- Security Provider with Permissions set up as: Table -> tbl_user_data; Identity Column -> tbl_user_data.fk_u_id which is linked to u_id PK in the tbl_user
- Security Provider Condition: Column -> Status equal to
true - Security Login
However, this was not checking the user status and letting the user login even when the status was set to false.
Can you share screenshots please?
There is no equal to true option as far as I remember. You might try 0 or 1.
Hi @sid,
This is what I had setup to check the user status. This method wasn’t checking the ud_status under Users and Permissions setup and was letting the user with inactive status login. Perhaps I didn’t configure the server action correctly.
So is this configuration with ud_status working for you now?
The screenshots look ok.
This configuration is not working.
From what I understand, setting up User Permissions to check user status in the Security Provider will not work as I’m not adding any user permission to the queries or page via Security Enforcer. I think that is why this permission setting is completely ignored by the subsequent server action.
You need to add security provider and security restrict on EACH AND EVERY server action you want to secure.
It does not matter if security enforcer is not set on the page level.