Classic client was created by Clarify as a Microsoft application using MFC (Microsoft Foundation Classes). Classic client behavior (customization) uses a licensed Visual basic 5 library named BasicScript, developed by Summit software. This library was further enhanced by Clarify Corporation to support the original CRM metadata layer named POMS (persistent object management system). The enhanced VB5 customization library is known as ‘
The Smart Client architecture is built on an infrastructure that provides the following:
- Have an application workspace
- Launch application forms
- Communicate with the server
- Manage data binding between datasets and the form’s controls at both directions.
The client side infrastructure is described by the following set of components.
The request/response manager works with different communication protocols (i.e http) to submit the request from the client and to handle responses back from the server.
Q: I have a CRM console application, this is some code snipet:
Application app = new Application(); Session session = app.createSession(); session.login("sa", "sa");
Everytime i run it, i get error at line : app.createSession(); it says something like it could not find ASC configuration ….
Do I miss some configuration some where? How to make console program works?
Using CBO Environment
The code snippets above use CBO functionality which is used by Amdocs CRM application.
While CBO initiates its operation, it looks for an initialization configuration file named ‘clarify.env’. This file contains several important definitions, such as JDBC connection information, which are mandatory for its operation.
One of the parameters included in clarify.env tells the application the location of Amdocs System Configuration (ASC) data. This data can be located either on disk as XML files or stored in the database instance indicated by the JDBC connection parameters.
The clarify.env is located in a directory called ‘bin’ which contains all relevant application dynamic runtime libraries (*.dll for windows, *.so for Unix flavors). This directory could be located anywhere provided the operating system has its path defined correctly
For example: Assuming our ‘bin’ directory is located at the following path:
(Windows) – we need to make sure this path is included in a system variable named ‘PATH’.
Once CBO understands where the data is located, then it looks for certain parameters within these data to determine its connections with CRM database (and possibly other database instances used by other applications).
In other words: In order to properly use the CBO layer the application must:
- Know its ASC data location
- Extract and use proper resource definitions (such as the CRM database connection) from the ASC data
regardless the location of the ASC data (on disk or in the database).
Here is an example for a full clarify.env file:
########## C:\CRM800\Apps\CrmApps\bin_crm ################ ##### Used for Initial Connection ###### jdbc_db_name=CRM800 jdbc_db_server=localhost jdbc_db_port=1521 ######### Conf file location ###################################### # -- FOR DB READ - ##### # # Used here to read from file. # to read and store in db, comment the following line config_file_location=C:\CRM800\apps\server\dbadmin800\config\_main_abs_crm ############################################################## ######### Conf file type ############################################## # -- CURRENTLY SET TO RETRIEVE PARAMS FROM baseConfig -- ##### # baseConfig - Used for Smart apps # baseConfigThin - Used for thin apps crm_config=baseConfig ################################################################### app_server=weblogic app_server_datasource=CRM800_XA_DataSource app_server_nonxa_datasource=CRM800_NXA_DataSource app_server_password=weblogic app_server_login_name=weblogic unicode_db=y login_name=sa db_password=sa db_name=CRM800 db_server=localhost db_driver=Oracle db_type=oracle90 Predef_User_Name=sa Predef_User_Password=sa clr_loc=1033 machinerole=Server dataaccesslocation=InProc unicode_app=y charsetconvert=n ; The following class path config works for Core CRM ;---------------------------------------------------------------------------- Java_Classpath=C:/CRM800/Apps/CrmApps/lib_crm_app/acfglib.jar; C:/CRM800/Apps/CrmApps/lib_crm_app/ClfyCore.jar; C:/CRM800/Apps/CrmApps/lib_crm_app/AmdocsCore.jar; C:/CRM800/Apps/CrmApps/lib_crm_app/jdom.jar; C:/CRM800/Apps/CrmApps/lib_crm_app/ojdbc14.jar; jar_path=C:/CRM800/Apps/CrmApps/lib_crm_app java_args=-Xms512m -Xmx512m ;---------------------------------------------------------------------------- ##### Use the following to switch-on Trace log #### trace=Y tracekeys=sql,lpoms,config,apm ##### Use the following to switch-on ASC log #### # enable_asc_log=true ##### Other Parameters ##################### JAVA_HOME=c:\Java\jdk150_12 billing_app_id=ACM provisioning_app_id=PROV fulfillment_app_id=FC urm_default_pool=13 user_admin_priv=System Administrator weblicense=on java_pool_size=50m large_pool_size=60m output_charset=UTF-8 NLS_LANG=AMERICAN_AMERICA.AL32UTF8
In order to run a console application, you do not need the full clarify.env file, since some of the parameters above refer to an application server (Weblogic) environment.
Here are explanations for the most important parameters:
JDBC connection parameters, required for some initialization work (I.e. access and search ASC data).
ASC files location on disk. Omitting this parameter means that the ASC data is stored in the database instance indicated by the above JDBC parameters.
The location of CRM parameters within the ASC data. The location is indicated by a node name.
crm_config=baseConfig - Used for Smart apps (/crm/baseConfig)
crm_config=baseConfigThin – Used for thin apps (/crm/baseConfigThin)
Application server (Weblogic, Websphere) connection parameters
Defines whether the database is Unicode.
- login_name, db_password, db_name, db_serve, db_driver, db_type, Predef_User_Name, Predef_User_Password
Connection parameters used by Classic client or console applications.
Defines the application locale (1033 is US_EN)
- Java_Classpath, jar_path, java_args, java_pool_size, large_pool_size
Parameters used by Java environment
Used to switch-on Trace log
Used to switch-on ASC log
Locale parameter used by CBO
CRM Configuration in ASC
Use the ASC editor (an eclipse plugin) to manage (view / edit) the CRM database connection definition.
As mentioned above, the CRM root node is defined by the clarify.env parameter ‘crm_config’.
Assuming our CRM root is defined as ‘crm_config=baseConfig’,
the following database connection parameters are defined in ASC node /crm/baseConfig/Aif. These parameters mainly used by an application server:
DataSource: CRM800_XA_DataSource JdbcDriver: oracle.jdbc.xa.client.OracleXADataSource DatabaseUrl: jdbc:oracle:thin:@localhost:1521:CRM800 UserName: <user name> Password: <Password>
Smart Client Run-Time Focus Objects
Smart Client Named Collections
Named Collection data path handler enables resolving an item by name within a named collection, such as
Named Collection Data Paths
A named element in a collection can be extracted from a java object by using two path items:
- The first identifies the collection,
- The second identifies the item’s name
An example data path is as follows:
The $Dataset context type contains a collection that can be accessed by:
The followings Smart Client runtime elements are implemented as Named Collections:
The following path resolves to a Grid column control in the current Form using Named Collection:
- Form is the starting context and it specifies a UifForm context type
- ControlSet is a member in UifForm
- Control is the accessor collection name for ControlSet
- caseOverviewGrid is the name of the Grid control
- GridColumn is the accessor collection name for the caseOverviewGrid object
- caseTitleCol is the name of GridColumn inside the caseOverviewGrid grid control
- ColumnControl is a property in GridColumn which specifies the contained UifControl for the GridColumn control.
The following path resolves to a logical form called com.nextgen.GlobalUtils:
- Workspace is the starting context and it specifies a Workspace context type
- Form is the accessor collection name for Workspace
- com.nextgen.GlobalUtils is the name of the Form.
Data Path Contexts
Data Model, Data Provider
Form, Control, Action
Create Data Request Map
Choice List Action Request Map
Input, Workspace, Locale, WorkspaceForm
ContainingFormDataModel, OpenerFormDataModel, TopLevelFormDataModel, Form
ServiceInput, ServiceOutput, Bindable, Control, DataModel, Input, Relative
Double click event is implemented in the Search Grid (or simple Grid) using activationAction event handler.
The activationAction sets the action to be launched when a cell in a row is double clicked. This action is executed if and only if the cell is not editable and the corresponding column control of the cell is not an action control (hyperlink or button).
See the Implementing Double Click event in Search Grid for a step by step example.
About Derived Form
A derived form can visually inherit from a base form, or define the layout itself. Externalized resources are inherited from the base form. The application code file is a subclass of the base application code file. The form metadata (.uiff file) describes the changes to the base form it derived from.
Use Derived Form for
Any customization that extends or overrides existing layout, any customization that extends or overrides existing functionality, or any customization that need to implement several forms that share common layout or functionality, yet differ in certain aspects.
Derived Form XML – .uiff
Boolean attributes for elements used in processing derived forms:
Applies to all UI elements.
It is set when an element is inherited from a base element.
Applies to removable collection elements such as
- Data Model Rows in a Tabular Data Model
- Property Bindings
- Trigger Fields
- Request/Response Map Items
- Data Comm Items
- Bulk and Sequence Actions
It is set when a collection element is removed from a base collection.
Applies to ordered collection elements such as Grid Columns, Tree Node Templates, Tab Pages, Menus, Bulk and Sequence Actions.
It is set if an ordered collection is re-ordered in the derived form.
Breaking the Layout
Breaking the layout may result of any of the following activities:
- Add or remove a row or column from a base panel’s layout
- Move a base control
- Change spanning of a base control
- Drop a new control into an empty cell in a base panel’s layout
The user is notified when an action force the layout to be broken
Removing Base Control
Attempting to delete a control defined in a Base form panel or tab page moves it automatically to the unused controls parking lot.
The following collection elements defined in a Base form cannot be removed from their parent collection in a derived form:
- Card (panel) in a Card Pane
- Grid Column
- VoFieldDef for a manual data model
- Field Value pair for initializing a singular data model
- Data Model / Tabular data model
- Action Element
- Data Comm Element
- Single Select Group
- Tree Node Template
When Deleting a Base Form Control
If a derived form made the same deletion the deleted element is flagged as “uifremoved”, an informational message is posted in the problems view and upon save, the derived form no longer reference the deleted element.
If a derived form made updates to the same element, a warning is placed in the problems tab.
Keeping Visual Inheritance
To keep visual inheritance of an existing base form, add a panel container to a base card pane, add all new controls there. Add a tab panel to a base tabbed pane, add all new controls there.
Plan for Visual Inheritance
When creating new form, add one or more panels or card panes and associated panels to cover all root panel areas. Layout your new form with an area for the base form specifically using a card panel or tabbed pane for customization or derived forms to add functionality.
Upgrading AmdocsCRM Smart Client form (Part One)
One of the common business requirement is to upgrade an out of the box form and either add more functionality or merely change its appearance to enhance the end user experience when interacting with this form. In the following example I shall illustrate how easy it is to make such enhancement.
I will show how a simple OOB (out of the box) form can be enhanced using form inheritance capability of the AmdocsCRM Smart Client.
I shall also demonstrate how user experience can be greatly enhanced by combining several separated forms into a single form by exploiting Java SWING panel elements.
Let’s look at an OOB Create Case form:
The above form was re-designed to provide better UI usability:
Re-designed Create Case:
Note that the entire UI arrangement was changed:
- Many unnecessary items were removed from initial screen (form) layout.
The screen is less crowded, more logically arranged for easier readability
- Caller details were moved to the lower part of the form, since usually this information is automatically populated from the CIM (Customer Interaction Manager)
- Removed items remained accessible only when needed
- ‘Case type’, ‘Case Indicators’, ‘parent-child’ and ‘contract’ were re-arranged vertically for easier human eye capture.
- All buttons were moved to the lower part of the screen
- The lower part of the form is used in three different ways:
- Clicking the ‘Notes’ hyperlink takes the user back to display the ‘Notes’ again, either in their short or expanded form.
Customizing a New Layout
The new layout was achieved without changing the original (out of the box) logic, but merely adding minimal code to support the enhanced appearance.
The necessary steps to re-arrange an OOB form are:
- Create a new Smart Client project in your Eclipse Smart Client Designer IDE.
Make sure to include AmdocsCRMSource.jar in the project’s class path.
- Using the Eclipse package explorer, identify the original (out of the box) form’s package name (com.amdocs.crm.isupport.kcase) and full Logical Form Name (LFN) com.amdocs.crm.isupport.kcase.casecreate in the jar file AmdocsCRMSource.jar.
3. Open the selected form’s layout (right click the OOB form’s name ‘CaseCreate.uiff’ and select ‘Open’)
Note that the base form full logical name (package + form name) is already
selected and can not be changed (marked in red ellipse): com.amdocs.crm.isupport.kcase.CaseCreate
5. Fill the necessary parameters in the New Derived Form dialog:
Source Folder: Browse to the source folder in your project.
Package: This should be your customized package name.
It is a good convention to keep the original package name structure,
however, replace the company name part with your company name.
Thus, our package name will be com.nextgen.crm.isupport.kcase
Form Name: It is a good practice to use same name as the original, adding an ‘X1’
prefix to emphasize the customization level: X1CaseCreate
(next inheritance layer for this form will use X2CaseCreate etc).
Design Notes: Add a short description for your customization.
6. Click ‘Finish’.
7. Look at your source folder in your project at the package explorer:
8. A new package was added, plus four files that represent your newly inherited form:
- X1CaseCreate.java – new java class file, which extends the original OOB form
logic. You may leave this form as is (no additional code), override methods or members in the original class, or add your new logic here.
- X1CaseCreate_en_US.properties and X1CaseCreate_en.properties
resource bundle files that stores all your localized strings.
- X1CaseCreate.uiff – an xml file that extends the original CaseCreate.uiff xml file.
the .uiff is an XML file which defines the UI layout and form related dataset.
9. In order to direct the application to use our inherited form at run-time, we need to define a version selector object. A version selector is an xml file that must have similar Logical File Name (original package and form name) of the form we are about to override. The version selector file allow defining an expression that evaluates in memory application values at run time (usually they represent cached database field value i.e. login_name = ‘yuvalr’) and a target Logical File Name that represent the form to use if the expression evaluated to ‘true’.
A version selector may contain several entries of expressions – LFNs (they are evaluated until one evaluates to ‘true’.
- We shall create a new package in our source folder. The new package name should be exactly as the original OOB form package: com.amdocs.crm.isupport.kcase
Under our new package we define the following XML file: CaseCreate.uifvs
<?xml version=”1.0″ encoding=”ASCII”?>
Note the following;
- The version selector file should be named exactly as the original inherited form name.
- The version selector file should be located at package which has exactly the same as the original (inherited) package name.
- The package should reside in our project source folder
- Our version selector file contains only a single ‘default’ row, which includes:
- Version description
- An empty expression (empty expression always defaults to true).
- A target phisical target file name “com.nextgen.crm.isupport.kcase.X1CaseCreate”
- Version description
At runtime, when the application looks for the original form, a version selector mapping class is evaluated (remember: the version selector has similar name and package as the original form).
Since its default entry (row) is always evaluated to true, the application use our inherited physical target form (X1CaseCreate).
- We still need to make sure that the application finds our version selector before it finds the original form, otherwise the original form will be used and the application will never be able to evaluate our version selector.
To make sure the version selector is used before the original form, we need to set the project’s class order in a way that it looks for our customizations (source folder) before the original oob class (located in AmdocsCRMSource.jar).
Note that the .uifgenjava folder contains the final source code. This ‘final’ source is automatically created by an application generator utility. It is then build, complied and run.
10. Now it is time to see if our inherited form indeed used by the application;
we shall add a form event handler. We use the ‘form_load’ event handler and add our own code in its stub to print our inherited form name to the console.
11. Double click X1CaseCreate.uiff.
The default view tab (designer) displays the inherited UI layout – it still looks like the original form:
- On the ‘Controls’ UI layout pane, select the ‘Form’
- On the lower ‘Properties’ pane, select the ‘Events’ tab – it shows available form events. Select the selection icon in the ‘value’ column. The Application Code Editor is opened and displays the ‘form_load’ event handler stub that is automatically added to our inherited class.
- We add to the ‘form_load’ event handler the following line of code:
System.out.println(“… X1CaseCreate …”);
12. Let’s run the application and try to create a Case.
If our form is used, the console should display the text
‘… X1CaseCreate …’
Indeed – our inherited form is now invoked.
13. Now it is time to modify the layout.
In the UI designer view, we first move all main panel components to the unused controls area;
If we run the application now and try to create a new Case, an empty form will be displayed.
14. Now it is time to modify the layout.
First we change the root panel into two main sections:
We now add two card panels (crdMain and crdButtons) under root, one for each main area:
Within each of the card panes we add a panel (pnlMain and pnlButtonsMain)
A ‘Card Panel’ allows adding several panels underneath. Only one panel can be displayed under a Card panel at a time.
This capability will allow us in future to expand functionality at a will, by adding more panels and swap them as necessary. Currently we use only one default panel under each card.
(To be continued. )
This time we would like to hear which client technology your organization employ, and whether you consider moving from legacy to latest technologies.
Implementing Role Based Authorization
The three ingredients required to compose an RBA security mechanism are:
- Controlled operations (functionality)
- Controlled data
- User roles (Global, Team, User)
A matrix match of all tree components will allow controlling functionality and or controlled data. Both depend on specific data instance (object) and the user role that are evaluated at run-time.
In order to implement RBA one has to identify the functions and data to be controlled, the roles that should be granted access to those functions and data, and the rules that determine when access is granted.
A. Identifying controlled functionality
For example, let’s assume the following functionality needs to be restricted:
- View accounts
- Create opportunities
- View opportunities
- View selected tabs in the Opportunity window
- Change Case status
Business functions can be defined in terms of basic operations or UI elements in the CRM application modules. These business functions are defined as Controlled Business Objects.
Restricting data visibility (for a specific database object), requires identifying that the database table related with that object. The CBO Data Service (JPOMS) controls access when retrieving the data from the CRM database. You do not need to identify application components for the view function.
In order to restrict functions (application components) that performs the business operations, certain application elements need to be identified:
- The UI component and server side code (worker bean, XBean) handle requests to perform the business function
- The services or processes which performs the business function
- The status transitions associated with the business function
To control the operation of adding team members on the Account Overview page the following application components are identified:
- The UI component to be controlled for this function is the Team Members tab on the Account Overview page
- The server side code (worker bean) that handles the operation is com.clarify.isales.team.workerbean.TeamRoleAddWB.
Smart Client administrator UI screens allow identifying the application components which perform specific functions related with specific data object.
B. Identifying the affected data – Controlled Objects
This is the data affected by the controlled operation. For example, filtering accounts data (restricting access to viewing account records), affect the database table bus_org.
The table containing this data represents the controlled object.
When setting up RBA, the controlled objects define the previously defined controlled business operations.
Functionality related with existing data in the database, and which are authorized for some objects and not authorized for other objects, are called instance-specific functions.
- For the “view opportunity” business function, the opportunity table represents the controlled object.
- For a “modify forecast item” business function, the frcst_itm table represents the controlled object.
Certain business functions that do not operate on existing data in the database are called global functions, such as:
- Create operations, since there is no object instance yet present in the database (I.e create territories or accounts).
- External call functions that call external systems (such as services and processes that launch third-party software).
Global Control Object
Since global functions do not affect existing database data, their related controlled objects are a special object called global. When setting up RBA, these business functions are defined under the default global controlled object.
C. Grant Access to Controlled Objects – Define Roles
Who should have access to this functionality and what is the context in which authorization is to be applied to the controlled functionality?
RBA use roles to identify who has access to controlled functionality and data.
For example, allowing the members of an account team to view the opportunities under their respective accounts. An account team member has a role and opportunities related with accounts represent the context in which authorization is applied.
Additional conditions that should be used to restrict access
In order to further restrict access to functionality and or data, an expressions or combination of roles are used.
After determining the data to control and the roles, we should set the kind of permission granted to allow roles to access controlled business functions.
For a given role, any one of the following permissions can be assigned to a controlled business function:
- Grant permission with no condition
- Do not grant permission at all
- Grant permission with a condition.
Authorization Matrices are the place where you will map controlled business functions to the roles.
It is possible to grant access to roles associated with authorization matrices by assigning permissions to different roles in different authorization matrices. Thus, a sales administrator global role in the Global Roll Matrix (GRM) can have a single permission and a sales manager in an account Team Role Matrix (TRM) may have a different permission for the same business function.
Granting an unconditional permission
When assigning the ‘Grant’ permission to a role, that role is given a permission to perform the controlled business function. ‘Grant’ permission overrides all other permissions.
Once a user has a Grant permission for a function, that user is permitted to perform that function even if he is not granted permission in any other authorization matrix for that controlled function.
‘Not Granted Here’ permission
When the ‘Not Granted Here’ permission is assigned to a role, it means that permission is denied for that role with regard to the controlled business function using that authorization matrix.
Not Granted Here means that the function is not given permission by this role here. However it does not mean that users with that role cannot perform the function.
‘Not Granted Here’ is a non-restrictive permission. If the users have permission for this controlled business function under a different role, that Grant permission overrides the ‘Not Granted Here’ permission.
Not granting permission is not the same as denying permission. RBA uses the combination of all matrices to determine the permission for a business function. If any matrix grants permission to a role, that role is allowed to perform that controlled business function even if user also has another role that does not have permission.
Granting a Conditional Permission Using an Expression
When a role is assigned with ‘Expression’ permission, it grants or withholds permission to the controlled function depending on the result of an evaluated expression.
If the expression evaluates to true, the role is assumed to have ‘Grant’ permission and if the expression evaluates to false, the role is assumed to have ‘Not Granted Here’ permission.
The Smart Client administrator UI provides special UI which allows using a ‘path builder’ to compose the expression.
Use the expression:
- $focus:name=‘Account1’ - to allow accounts with name ‘Account1’
- $User:login_name=‘sa’ - to allow only user ‘sa’
Path builder to help writing the expression
How Permissions Are Evaluated
Permissions are evaluated using the user roles, the business function, and the object instance.
Global roles are checked first to see whether the user is assigned any of the global roles that are permitted to perform the function (Global Roles for a user are known by the CRM application when the user logs in). If a user is not assigned any global roles that are permitted for the business function, every TRM and URM are checked for the business function to see if the user is assigned a role with permission for that function.
Which authorization matrices should be used to assign permissions to different roles for the controlled functionality?
Assuming we would like allow an opportunity team member (team role) to view accounts associated with opportunities. The authorization matrix used for the opportunity team will be the Opportunity Team Role Matrix. The authorization matrices for different roles must be identified.
An authorization matrix determines which roles have permissions to which business functions. As an example, an authorization matrix for an “Opportunity Owner” authorization domain may specify that the opportunity owner has access to the “view opportunity” business function for that opportunity.
Based on the types of roles used, RBA can use three types of Authorization Matrices:
- Global Roles Matrix (GRM) for global Roles
- Team Role Matrix (TRM) for Team Roles
- User Role Matrix (URM) for User Roles
When setting up RBA, a grid-like UI is used to implement the authorization matrices.
When all RBA settings are ready, they should contain at least one GRM and one or more TRMs and URMs.
When users try to use a controlled business function, RBA uses the combination of all matrices to evaluate if they are permitted to access the controlled functionality.
A user who is granted permission in any one of the matrices has access to that controlled function.
Users not granted permission in any of the matrices are denied access to that controlled function.
Using the Global Role Matrix (GRM)
The Global Role Matrix (GRM) relates the controlled business functions with the Global Roles.
The GRM is checked first for evaluating permissions when the user logs into the CRM application.
The GRM is accessed through the following CRM Administrator UI screen:
Global role Matrix window
Controlled Objects and business functions are added into the matrix using the ‘Controlled Objects’ UI tab. They are added from the global pool of controlled objects defined in the application.
Using the Team Role Matrix (TRM)
The Team Role Matrix relates controlled objects and functions with Team roles; enabling the function for users in the team with the role specified.
The CRM application already provides several pre-defined TRMs for Account, Opportunity, and Territory objects.
If a user has multiple roles within the same team, the effective permission is the sum of all the permissions granted for that user in that team.
Using the User Role Matrix (URM)
The User Role Matrix relates controlled objects and functions to user roles; enabling the function for users with the particular role (ex: case owner)
The URM is a special kind of TRM. The only difference between them is that a TRM uses team roles previously defined, while the URM uses roles assigned by the application logic.
The URM is accessed through the following CRM Administrator UI screen:
User Role Matrix window
Enabling Authorization affects the performance of the CRM applications (due to multiple checks for evaluating permissions).
Here are some guidelines for minimizing performance penalty when implementing RBA:
- Use global roles if possible. Checking permissions for global roles is faster than checking them for team and user roles.
- Define as few controlled business functions as possible (use combination of functions…).
- Define as few team roles as needed. If two team roles have exactly the same authorization policy, combine the two roles.
- Do not duplicate permissions when one role is a superset of another role. Instead, assign user to both roles.
RBA is enabled by default for Amdocs CRM applications. However, you can disable authorization checking using RBA at the following levels:
- To disable RBA for at the applications level, use the DisableAuthorization configuration item, and set it the ‘1’.
As a result, RBA will not be active at all for all roles and all functions.
- To disable RBA for a global role, use the Disable Authorization for this Global Role check box on the Role tab of the Global Role Matrix window in the Administrator UI.