How can we implement custom Role based authorization for screens in Outsystems reactive application.

The roles are dynamic and can be added through UI. (Below is the screen)


Custom table for roles is created in database.

Is there any way or forge component to manage application based on dynamic roles creation.


P.S

System roles table manages predefined roles, that are added under Roles in Logic tab, and checkboxes for already created roles are present for each screen.

However, we need to dynamically enable newly created role to access screens.

 


Hi Rakhi,

As far as i know, You have to build your own custom actions to check these custom roles (Similar to the default CheckRole actions provided by the OS roles)  and authorize users to access screens (OnInitialize screen action - verify user role)  and actions (validate the user role in the screen action). 

Thanks,

KJ 


Hi Rakhi,

Please store User ID as well along with Role Id in your Custom table of role if yes then you can check the logged In user(you will get it by GetUserId() function) has an entry in your table with that role if the user does not have role then you can redirect the user to Invalid Permission/or any custom not have access permission screen

hope it will help you

Cheers,

Krushna

Hi Krusna,

I dont think she need to keep the user id in the same custom table , rather there should be one more entity where she will keeps the combination of UserId and Roles assigned to him.

@Rakhi , Platform provided a very strong user role management , building your own custom role engine will require a lot of effort and you need to very sure that every action\page you are checking the required roles against the user. Please see if you really want this mechanism ?


Regards,

-PJ-



Pramod Jain wrote:

Hi Krusna,

I dont think she need to keep the user id in the same custom table , rather there should be one more entity where she will keeps the combination of UserId and Roles assigned to him.

@Rakhi , Platform provided a very strong user role management , building your own custom role engine will require a lot of effort and you need to very sure that every action\page you are checking the required roles against the user. Please see if you really want this mechanism ?


Regards,

-PJ-



 

Yes. Maintaining the tables around roles and permissions is one way. I was looking for some inbuilt capability that OutSystems can provide

Hi Rakhi,

When you say custom it totally depends upon how you wanna do it , there may be some component available in forge which at this point i am not aware of . You may still use platform capability (In built role management)  and make your custom logic around it .

If you can share some more insight like what exactly you want to achieve will help me to provide more information and feedbacks\suggestions.


Regards,

-PJ-