Block access to custom applications unless specifically allowed via lifetime

So far I have been able to get this scenario working but I have only been able to explicitly revoke list access per user at a Team level or at an individual level.
The use case is at an enterprise level. It requires that all custom applications can only be viewed if the developer has the permission to list it. This is to prevent external consultants from listing any applications that they do not have explicit access to.
These are the steps that I have put together to make the above scenario work:
  • A user has to have at a minimum List access on an envirnment to be able to have other permission assigned. That requires a default role which is assigned to all users and only has List access for the environents.
  • A Team is created for each of the application groups and the applications are assigned to those Teams.
  • A default Team is created that contains all the common and system applications.
  • A user is assigned to the default Team and is given a common Role with Reuse & Monitor permissions for the Team.
  • The same user is then assigned to an application specific Team where they are given a Role with Change & Deploy or higher permissions.
  • Then that user needs to be assigned to every other custom application group with a Role that contains No Access permissions or they need to have all the applications that they should not be allowed to view added to the users profile and assigned a role which contains No Access permissions.
This is rather a convoluted way to handle the scenario and I am wondering if there is a more succinct way to implement this.

Hi Ouen,

I'm trying to accomplish the exact same thing as you. My solution has been similar to yours, only it involves a level of automation using the LifeTime API. I'm planning to discuss it directly with OutSystems and I will try and remember to update this thread as I find out more information. 

Regards and best of luck