Skip to Content (Press Enter)
OutSystems.com
Personal Edition
Community
Support
Training
Training
Online Training
Developer Schools
Boot Camps
Certifications
Tech Talks
Documentation
Documentation
Overview
ODC
O11
Forums
Forge
Get Involved
Get Involved
Jobs
Ideas
Members
Mentorship
User Groups
Platform
Platform
ODC
O11
Search in OutSystems
Log in
Get Started
Back to Forums
Miguel Seabra Melo
0
Views
0
Comments
Tip: Using Permission Areas effectively to protect application screens
Question
Service Studio provides developers with a very powerful and clean way to automatically allow/block access to specific screens (be they Web or Mobile Web screens or blocks) depending on which user is logged in (or if no user is logged).
This functionality seems not to be immediately apparent, however, as some developers have developed their own authorisation logic, by placing explicit checks in every Screen Preparation for example. While this will work, the eSpace ends up with a fair amount of replicated logic: something that both distracts from the real logic and reduces eSpace maintainability.
In brief, the eSpace logic grants specific permissions to the logged in user, normally via the
Grant<Permission area>Permission
Built-in action (although advanced users can opt to modify the
User_Permission
system table as well).
Permissions can be either Persistent or not. In the first case, whenever the user logs in using the
Login
Built-in action, the current session is automatically and immediately granted clearance to those permissions. For non-Persistent Permissions grants have to be explicitly given every time.
The user, for the duration of the session, will then be able to view any screen so long as he or she has been granted access to
any
of the Permission Areas required by that screen.
You can select which areas are required by using the checkboxes on the properties of each screen.
Attempting to access a screen of which the user has no suitable granted Permissions will throw a Security exception, which can be caught with a
Error Handler
.
This is the preferred way to implement screen access security in the Hub Edition platform: the alternative of using explicit
Check<Permission area>Permission
in the screens’ Preparation is, therefore, unadvisable.
The
Service Studio documentation help
contains a wealth of information on the specifics of Permission Areas and should be consulted for further information. You can find the most relevant pages inside the topic
Handling security\Using Permission Areas
Furthermore an extremely well documented sample that shows all this as a simple application can be downloaded from
\Samples\Basic Samples\Permission Areas usage and User Management in WEB
In the
Documents
area of this site.
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting.
See the full guidelines
Loading...