Not allowed to use Module/Entity

Hi all,

I'm running into an issue that, as I saw from previous posts, a few of you encountered already. I have an on-premise solution/setup and have configured my permissions as described here in the article: https://success.outsystems.com/Documentation/11/Managing_the_Applications_Lifecycle/Manage_IT_Users/Set_Up_the_Permissions_in_a_Team

My goal is that the teams can only see the applications they are members of.

My default role is "Developer Access", my role within the team is "Developer". 

I can only see the applications from the team. That's how I want to have it. However, when I want to deploy a model in Service Studio I get the following error: 

Any ideas or recommendations how I can fix that without changing the default permission level? Again, I want that the teams can only see their own applications. Btw. all installations are updated to the latest version.

Thanks for your support.

Best Regards,

Conny

Solution

Hi Conny,

I think the problem is related to the permission levels that you have set as the default for the built-in OutSystems modules that you will be using for virtually all applications. In your scenario, it seems that Developers have access to their own apps (due to their Change and Deploy Applications permissions at the Team level), but they don't have access to the system-level components such as Users module, OutSystems UI, etc. because they only have the Access permission on their default role, and are therefore unable to even add them as dependencies.

To solve this problem, try creating a different Team that includes every person with the Developer Access role in your infrastructure, and assign them a team role with a higher permission level than Access (from reading the documentation, looks like you would need at least the Monitor and Add Dependencies permissions). Next, you would have to add all the system-level/foundation applications for the developers to be able to use them (Users, UsersLibrary, OutSystems UI, OutSystems UI Web, OutSystems Charts, etc.). 

Note that you would probably need to add every single system-level/foundation applications that you expect to be commonly used across your infrastructure (e.g. downloaded Forge components), so the application list would probably have to be updated frequently. In this sense, think if it's really worth it to absolutely hide the applications from other developers, perhaps you want your default access level to be Monitor and Add Dependencies instead of Access. Check out the Understand the Permission Model for IT Users documentation article for a closer look at how permissions work when assigned at each level.

I am currently unable to test this myself at the moment so I can't guarantee it will work, but from my understanding of IT roles and reading the documentation I think it's probably the way to solve it. Hope it helps!

Thanks a lot. That worked :)

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.