Is there any way through meta-data to automatically detect that a developer has published an anonymous screen for web & mobile?

Hi Jay,


Unfortunately there isn’t. The screens are not in the metamodel (only in the generated code). One thing you can try is looking to screen logs and see which ones are accessed anonymously (they show with user id as 0 if accessed by a non authenticared user).


Alternatively you may try to use outdoc but I’m not 100% sure if it gives you what you need.


Cheers,

Guilherme


Guilherme Pereira wrote:

Hi Jay,


Unfortunately there isn’t. The screens are not in the metamodel (only in the generated code). One thing you can try is looking to screen logs and see which ones are accessed anonymously (they show with user id as 0 if accessed by a non authenticared user).


Alternatively you may try to use outdoc but I’m not 100% sure if it gives you what you need.


Cheers,

Guilherme


Ah. So we are tracking logs. So if a log_screen entry has no user, we can assume it is anonymous than?


Hi,

Given that the last response on this thread was around a year ago, has OutSystems implemented any features to tackle for this? 

We are developing solutions for an Enterprise customer who does not have any need for anonymous access. In fact, the organisation needs a way they can prevent anonymous screens from going to their prod environment.

Hello Dhruvin,


You can easily prevent anonymous access by ticking out the check for the anonymous users, and I think that is enough. I think what needs to be done on your case is to include a mandatory test for anonymous access before deploying to prod.


Hope this helps!

- Emman