Access groups
No edit summary
No edit summary
Line 1: Line 1:
You probably have different users in your system and these users are probably associated with an access group somehow (ActiveDirectory or something in your application).
You probably have different users in your system and these users are associated with an access group somehow (ActiveDirectory or something in your application).


You will want to allow and disallow user groups to execute actions.
You will want to allow and disallow user groups to execute actions.


This could be done as enable expressions on the Actions – but that would not be very nice since it would kidnap the use of enable from the normal things we use enable for (check data state). Also if a user is never allowed to execute “TheAdminInterface” it might be best to hide that action from view all together.
This could be done as enable expressions on the Actions – but that would not be beneficial since it would kidnap the use of enable from the normal things we use enable for (check data state). Also, if a user is never allowed to execute “TheAdminInterface” it might be best to hide that action from view altogether.


To facilitate this Modlr has a new concept called AccessGroups:
To facilitate this, Modlr has a new concept called AccessGroups:


[[File:Access groups - 1.png|frameless|423x423px]]
[[File:Access groups - 1.png|frameless|423x423px]]
Line 13: Line 13:
[[File:Access groups - 2.png|frameless|423x423px]]
[[File:Access groups - 2.png|frameless|423x423px]]


Here you can add groups and define the EnableExpression and VisibleExpression for the AccessGroups.
Here, you can add groups and define the EnableExpression and VisibleExpression for the AccessGroups.


An AccessGroup the contain actions and you can add and remove the association here.
An AccessGroup contains actions - you can add and remove associations.


If an action is a member of multiple AccessGroups the result will be;
If an action is a member of multiple AccessGroups, the result will be;
  (Group1.IsEnable OR Group2.IsEnable OR Group3.IsEnable) AND action.IsEnable
  (Group1.IsEnable OR Group2.IsEnable OR Group3.IsEnable) AND action.IsEnable
And for visible the result;
And to make the result visible:
  (Group1.IsVisible OR Group2.IsVisible OR Group3.IsVisible) AND action.OptInInContext
  (Group1.IsVisible OR Group2.IsVisible OR Group3.IsVisible) AND action.OptInInContext
[[Category:Security]]
[[Category:Security]]

Revision as of 06:26, 21 March 2023

You probably have different users in your system and these users are associated with an access group somehow (ActiveDirectory or something in your application).

You will want to allow and disallow user groups to execute actions.

This could be done as enable expressions on the Actions – but that would not be beneficial since it would kidnap the use of enable from the normal things we use enable for (check data state). Also, if a user is never allowed to execute “TheAdminInterface” it might be best to hide that action from view altogether.

To facilitate this, Modlr has a new concept called AccessGroups:

Access groups - 1.png

Clicking up the AccessGroup dialog shows you this:

Access groups - 2.png

Here, you can add groups and define the EnableExpression and VisibleExpression for the AccessGroups.

An AccessGroup contains actions - you can add and remove associations.

If an action is a member of multiple AccessGroups, the result will be; 

(Group1.IsEnable OR Group2.IsEnable OR Group3.IsEnable) AND action.IsEnable

And to make the result visible: 

(Group1.IsVisible OR Group2.IsVisible OR Group3.IsVisible) AND action.OptInInContext
This page was edited more than 9 months ago on 04/03/2024. What links here
Retrieved from "https://newwikicopy.mdriven.net/index.php?title=Documentation:Access_groups&oldid=9072"

© MDRIVEN . All Rights Reserved

Glossary API Docs
MDriven World | Portal | Blog | YouTube | StackOverflow | Facebook

© MDRIVEN . All Rights Reserved