To preface this, I'm in an on-premise setup, and thus have access to db directly. I would like to create an app for IT users only, some sort of back office application. Due to policies, IT users are not allowed the normal User accounts. However, from an app, I can set the user provider to Service Center to allow IT user to login, however I would like to restrict which IT users can access this app.
So far the only way I can do this is to insert a record into the User_Role table i backend with my userid and the roleid I created for the app. Is there any way I can do this from a front end application? Under the /users page i can only see end users, and in lifetime I can only see the developer roles.
Hello @Wei Pien Keoh
To assign roles to IT users in your scenario:
Avoid directly modifying the User_Role table to maintain system integrity and ensure compatibility
For more details, refer to:
Thank you very much!
Sorry, how do I assign it in the first place? Other than making a page that only requires registered user to sign in instead of specific roles so I can hit the page that will allow me to assign them?
I initially thought i can select and assign IT user while logged in as /users user, but it only displays users that are the same type as the app's user provider. Meaning I still cannot do the initial assignment without a datapatch or making it open to everyone first before I can assign the role for the first user.
I too was confused when you marked the suggestion as solution because that documentation is primarily to assign/revoke roles to the application end users.
Please refer to this post, you should be able to achieve this using Service Center as User Provider and assign to IT users the role which is defined in your back office application.
https://www.outsystems.com/forums/discussion/46275/if-user-provider-is-servicecenter-how-can-you-set-a-custom-access-role/
Hope it helps!
Junaid
Thanks for the attempt, that's what I did too, but as i said, to allow the first person to be assigned that role, I have to either make the assigning page accessible to all at the start so I can start assigning it to people(not very desirable in prod environment, but technically should be fine if we do it fast and control it with secret site property), or do a datapatch to create user_role for the first user and then using the first user to assign the rest of the roles.
Instead of manually doing it for instance through a web page, you might consider creating a timer in the same module to set up the first user or initial set of users. Although I have not tried it myself, just something worth considering.