Can you restrict roles on a Module level and not just screen level?
A comprehensive answer. Keeping permission checks of your BL module actions does look in line with good practice to me.
Many thanks.
Hi Joseph,
There is no module level checkbox that would work the same / replace having to do it at each screen level.
What you could do is add some extra (fallback) security measures in the layout blocks to enforce stuff at the module level, but that is not a replacement for the screen checkboxes.
Dorine
Hi Dorine. You have provided a clear and prompt answer.
Hello Joseph,
I agree with Dorine. You can go with the alternative solution to protect your module.
You can find workable solution on the below link:
https://www.outsystems.com/forums/discussion/62684/how-to-protect-a-module-source-code-so-that-others-cannot-open/
Hope this helps :)
that is completely unrelated to what i'm saying, and as far as I understand it, not an answer to this question.
to check if an end user is permitted via roles can be done eighter
There is no configuration where you can specify that access to all actions or aggregates of a module is restricted to some roles. Therefore, you must check for proper permission in all relevant places. Please make sure, you always check permission on the server side. D don't rely on client-side values as those can be easily manipulated by the user or attackers.
For more information, please see the documentation on how to Validate End User Permissions in the Application.
I would also recommend encapsulating all your business logic in BL modules and ensure permission checks in all its actions. If I need to do complex permission checks in my projects, I usually implement a private CheckPermission action in by BL and use it on all public entry actions.
I hope this is the solution to your question.