Actions with permissions

By Gonçalo Almeida on 18 Dec 2012
Hi,

As a secutiry increase to our applications it would be nice if we could assign roles (former permission areas) to screen actions and user actions.

This way users that didn't have permission to run them, would never be able to use firebug and other tools in order to activate buttons that trigger the action and we wouldn't need to always be "asking" in every action, if the user has permission to run it.

Another benefit would be, by unchecking the anonymous role, we could also automatically know if a session timed out, without having to "ask" that also in every action.

What do you guys think?
Well do like the option to have it, but still as an developer you must be aware of which items can be 'discoverd' by the developer tools (like firebug).

In mine opion an user musn't be able to 'find' or enable stuff that's on his screen what he shouldn't be seeing.

The session time-out part -> don't really understand that, why should you check that in every action?

Kind regards,
Evert
Kilian Hekhuis27 Dec 2012
"In my opion a user musn't be able to 'find' or enable stuff that's on his screen what he shouldn't be seeing." - Though I agree with this, when e.g. using an IF on the screen, the part not shown is, iirc, merely hidden, so with F12/Firebug it's easy to enable it.
Hi Evert,

The session thing is because in some actions we need to save data and need to check if the user is still in session for him to be able to save that data (because we also use some session variables like the userId).
Hello Goncalo,

Why don't you use the OnSessionStart action for that (as a general action)? Then you can make the user login again (or do something else).

Kind regards,
Evert
Daniel Lourenço22 Oct 2012
The ability to the indicate at the action level that it can only be execute if a specific Role is granted to the user in session.

This would make it easier to extend the OutSystems security model to the business logic layer (without having to "program" the rules with validations in the business flow).

Kind Regards,

Daniel Lourenço

Merged from 'Role-based security for Actions' (idea created on 2012-10-22 10:30:44 by Daniel Lourenço), on 2014-01-24 12:21:10 by Gonçalo Borrêga
Shraim5 Nov 2012
Interesting idea but how will the logic behave if a user/role are not authorized for a certain action? Should it through a runtime exception with a custome message? With Ui we can choose to disable a widget but with an action what should happen? If we decide to disable widgets from Actions would this violate seperation o logic and UI?

Merged from 'Role-based security for Actions' (idea created on 2012-10-22 10:30:44 by Daniel Lourenço), on 2014-01-24 12:21:10 by Gonçalo Borrêga
Shraim, thank you for your comment.

My view would be for the platform to simply generate an exception. What happens is that many times you want to make sure that only one specific profile can execute an action. Normally this results in a button being hidden and, for the most cautious, to put a business validation in the action logic itself (so that, even if the button is open, the user cannot execute the action if he does not have the appropriate role). This would avoid needing the second step and having the security model helping us the control at the action level.

Kind Regards,

Daniel

Merged from 'Role-based security for Actions' (idea created on 2012-10-22 10:30:44 by Daniel Lourenço), on 2014-01-24 12:21:10 by Gonçalo Borrêga