34
Views
7
Comments
Solved
Roles within a page
Question

Is it possible to check what roles are assigned to each page in the code, so that I can build logic depending on what roles are allowed in a page?


I need to be able to do this without checking the user's roles (ie the user will not be logged in at this stage).

mvp_badge
MVP
Rank: #43
Solution

Hi André,

I don't think this information can be consulted programmatically. If you need to check page roles and react in a dynamic manner depending on what they are, you'll have to create your own page permission mechanism.

Could you tell us a bit more about your use case? Maybe we can come up with a solution.

Could you describe your problem with a little bit more detail? 

Regards

Graça

Rank: #580

So the use case is, I am working within an environment that has multiple user authentication providers (example Azure B2B and Azure B2C on different), depending on the role of a user that is allowed on a screen (example internal vs external) I wanted to try send the user to authenticate against the relevant provider.


An alternative similar to what Afonso suggested is to store this in an aggregate and then run our own validation, just wanted to know if there was another way to get the roles permitted in a particular page via some system (or other action for example). 

mvp_badge
MVP
Rank: #43

Just to make sure I understand, you have two screens, one allowing Role X and another one allowing Role Y. Depending on which Role is allowed, you'd like to authenticate with a specific  provider?

I think you'll have to store this information in the database and then run your own logic to handle this. Roles associated with your OutSystems users are stored at the database level, and can be checked - but I believe roles associated with your screens only reside within your OML file, and there's no API to retrieve them.

The users in each provider have roles  that are not assign to users in the other providers?

If so, once one user is logged in from one provider , are you thinking to log him off and have him log in again in other platform to access other kind of data/features ? 

Regards

Graça

 

Rank: #580

Hi Graça, the use case is related to the login (before the user is signed in), the whole point is to know what provider to send to, for them to authenticate. You have an internal user that authenticates against a B2B azure tenant and a external user that authenticates against a B2C azure tenant.

I have various pages across several apps with many screens, for the sake of an example can have these combinations:

  • only allowed to internal role
  • only allowed to external role
  • allowed to both internal and external

How can I check what roles are allowed in that page, is there an action that can list the roles (in the preparation for example), this may help decide where to send users to authenticate against, in the pages where only one of the roles is allowed. In the case of a page where both are allowed, we are likely to prompt the user to enter their email in a screen held by us, rather than the provider first their email will help us figure out what role is assigned against that user.

Hi! 

I see now. As Afonso Carvalho  said I do not think that possibility exists, programmatically know the roles that allow see a specific screen. 

If I had that problem I would present always that screen to enter the email,  as they will have to do it any way, and  process it the way you are thinking to do, then the app can do the normal verification after the login is complete. 

Just an idea. 

Graça