What are alternative methods to checking a users role and disable features

Greetings, salutaions, and Good Day;


As of this moment me and my coworkers are trying to fix Roles and their Permissions/Feature Access on our project, as of this moment we cannot restrict pages, for when we do and we test with a dummy user that does not have permission: the screen "breaks" per say.  Is there alternative methods to block access to a User that does not have the correct permissions but still keep the feature visible?  And if so what would that be?

Hi,

It depends on what you mean by "breaks" the screen. You have four ways to control access of a feature to a user:

 - you exclusively use the checkmarks for roles on each page: this blocks access to the user if he doesn't have roles to the page: this is the simplest but more sweeping way to deny access. You can only use it to block entire screens and not finegrained features of your application;

 - you open up the pages, but do not display any elements that the user cannot interact with an If statement on the screen: this adds a little bit of complexity to your screen and can cause you to repeat logic. It can also break the layout of some pages if they expect an element to be there (buttons, containers, etc);

 - you open up the pages, and you display the elements, but you disable them with the Enabled property: still adds a bit of complexity to your screen, and can end up hiding your logic inside widget properties. It doesn't break the layout since the elements are still there, but not interactable. Good for links and buttons, but doesn't work if you want to hide actual content from the user (text, tables, etc);

 - you open up the pages, and you display the elements, but you validate within the action of the element with a CheckRole action if the user has permissions to execute that action, and allow/deny based on result. Probably the cleanest way to do it codewise, but still not very useful if you want to block text or table contents.

The best way to restrict user access to an app feature is always going to depend on the nature of the feature that you want to block, how secure you want that block to be, as well as your preferences in managing the code that you'll use to control permissions. Do you think you could give us some more details on what you want to restrict to the user?