Hi,
This is a general question about creating roles. Recently, i was being tasked with creating roles. Hope you understand that usually for commercial side, this is usually done by the higher-up, and not by developers.
I know there are a couple of ways to create it, but are there any recommended ways on where to do it?
1. In the Core Module
2. In the UI Module
3. In Lifetime user management
4. In the user URL eg. https://example.outsystemscloud.com/Users/
In terms of security, are there any differences? I think found the below link which explains a bit,
Where Should I Put My Application’s Roles in OutSystems?
I actually told my boss that i need to look into this, and asked for more time to do it.
Any advice and inputs are greatly appreciated!
Thank you.
Ps. As a side note when submitting this question, any idea on how to do something like the 'Tags' section. Where after i had selected an option, that option is no longer appearing in the dropdown list.
Hi @Jun Mun Chan ,
See my answers below the options/questions you shared.
This is where the roles belong, so they can be consumed by business logic modules, other core service modules and UI modules.
If you define a role here you will have upward reference violations when sharing this role with other module types, so do not put them here.
This application is for user management of platform users and roles (developer accounts) not application users.
You cannot define roles in this app, you can only assign roles defined in modules to users and user groups.
In terms of security, are there any differences?
Not sure what your question or concern is, but roles need to be define in a core service module.
Validations you built client side, should also be executed server side. If a server action requires a specific role to execute the logic, you need to check on the role to be assigned to the current user.
Never rely on client side role-base-access, always implement a server side counter part.
Hope this helps...
Kind regards,
Daniel
Thank you for your inputs!
Hi @Jun Mun Chan,Have you checked this below discussion ?
.
Hi Madhuri,
I didn't, and had just went thru it. Thought it didn't address my concerns, about whether there is a difference in creating roles in CORE/UI/User managements etc
Or i might have missed out on something in that discussion