Creating and Managing User Read and Write Permissions
To ensure that users have the correct access to various functions within your system, it's important to properly configure their read and write permissions. This can be achieved by creating a specific entity where you can define these permissions.
-
Create an Entity for User Permissions: Start by creating a new entity that will manage user permissions. This entity can include various properties such as "ReadAccess" and "WriteAccess." By using these properties, you can easily control which users are allowed to read or write to specific objects within your system.
-
Add Properties for Read and Write Permissions: Once the entity has been created, add the necessary properties to manage read and write permissions. For each user or user group, you can define the permissions that should apply. For example, you can create a "CanEdit" property that can be set to true or false depending on whether the user should have the right to edit data.
-
Use Entity Springboarding for Ease During Testing: Springboarding allows you to quickly create multiple entities based on a template. This is particularly useful when you want to test different scenarios where different users have different permissions. By creating these entities in advance, you can easily test how user permissions work in practice without having to configure each user manually.
-
Create Rules for User Interaction: With the entities in place, the next step is to define rules for how users are allowed to interact with objects. This is done by navigating to "Model" and then "Permissions." Click "Add" under "View Permissions" to start creating specific rules.
-
Define Detailed User Rules: Here, you can specify conditions under which a user is allowed to read or write to an object. For example, you can set that only users belonging to a specific group are allowed to edit a particular object. This is useful for maintaining security and ensuring that only authorized individuals have access to sensitive information.
-
Test and Verify Permissions: Once you have configured your rules, restart the application to test if the permissions work as expected. Edit the user and adjust their permissions to ensure that they only have the access that is necessary. Test creating a new object and check that the user can perform actions according to the rules you have defined.
-
Create a New Object and Manage Permissions in Real-Time: After verifying the permissions, create a new object in your list and save it by clicking "OK." Go back to the user's settings and adjust their permissions, for example, by removing write access. Then go back to the object list and try to edit the object. The user should now not be able to change any values, confirming that the permissions are working as intended.
-
Deploying the System in Production: Once all permissions are correctly configured and tested, the system can be deployed in production. Ensure that all permissions and user roles are clearly documented so that future administrators know how to manage user access.
By following these steps, you can ensure that your system is correctly configured to handle user permissions in a secure and efficient manner.
-
Pro-tip: If you have more complex permissions and want to use roles or groups you can create an underlying entity on the application user. For example an entity named UserRole - Where you define certain user rights the same way as described above. Then you can handle more complex structures and assign a user to a specific role which in turn has certain rights.
You can also define this UserRole entity as a system defintion list then you will be able to define the different roles properties in the studio and the UserRoles will be updated each time you deploy a new version.
0
Please sign in to leave a comment.
Comments
1 comment