[DBCleaner] Add security role to delete screens

Forge Component
Published on 2019-03-11 by Johan den Ouden
51 votes
Published on 2019-03-11 by Johan den Ouden

Every registered user is allowed to open the delete screens and click on the  delete buttons.

I would suggest to apply a DBCleanerDelete role for this.

The url to the application is easy to guess for users.

User provider is "Service center" and you have to log in with development account. If you are developer then you can delete it

Your right. I overlooked that. But I would suggest to still add an own role to make it more flexible.

Because every developer can perform the task and you do not always want that.

I know my answer comes a bit late, but I did not add specialized roles because, as Mika said, the user provider is Service Center.

It is not very easy to properly integrate with Service Center permissions, and to provide application roles to Service Center users. I'm more or less relying on the underlying permission model that is invoked when I call some of the actions which only let you perform those actions if you have a certain role in Service Center / LifeTime.