10.2 Restrict User Access to Pages
In the previous lesson we talked about restricting access to web pages.
Most of the time we also need to restrict access to certain parts of the web pages.
In this lesson we will focus on that, and what we want to do is basically
create a new role in our application, which will be the Customer Support Manager.
So, first of all, go ahead and create that role; I will add the role here: Customer
Support Manager. And when we create this role,
it is made available for selection here in all the web screens of our
application. So you see here, let me just expand this. You see here that now we have
the Customer Support User and the Customer Support Manager. And as you saw, this role
can be granted through the Users application. So this also means that when we
publish our application, this role will also appear in the Users
application so that you can grant it to users. Okay, so what we want to do
is to make the dashboard available only to the manager, and
all the other users will only have access to the low and the high priority lists and
the unclassified list. Okay. So let's go ahead and make this setting in all our
web screens, so the dashboard will have access for the manager but not for the user,
and the other ones will have it for both.
Okay, so let's set here all of these to have access to both.
Okay, so let's publish this and see what happens. Okay,
so again I am logged in as John, and John doesn't have access to the
dashboard but he has access to all the other pages, okay? So he doesn't have access
to the dashboard because he is not a manager. So let me just
log out here. What we want to do now, let me just copy the server name here,
is to go again to the Users application, so here, Users. And
let me log in with the admin user and let's create a new user to be a manager.
So we're going to create Peter Man, and the user name will be Peter and the password
will be again 12345. Okay, we want to grant Peter the Customer Support Manager
role, so let's go again: Customer Support Manager. Here it is, Customer Support
Manager. Add the role, okay. Let's log out here from the Users application and let's
go back to our Customer Support and log in with Peter. Okay,
so here it is: Peter is a manager, so he has access to the dashboard and also to the
other pages. Okay, so what we want to do now... Let's go back to Service
Studio, and let me just log out from here. We want to remove from the menu
the dashboard option for John, because he is not a manager,
and we also want to change the home entry point here to go to
the unclassified issues for John, because he doesn't have access to the dashboard.
Okay, so first of all let's work on the menu, let's work on hiding the menu
option, and let me open the menu web block here. To do that, basically
what we want to do here is to condition the visibility of
this option. So let me go here to the widget tree and I'll enclose this
first option in an If widget.
And let me set here the preview settings to show only the true branch and now we
need to fill in the condition. And the condition is that I only want to show this to
managers. So to have this checked on the widget here I will use a built-in function
that is available here on the role. You'll see here that on the
role you have all the roles that are available in my application, and in each role there
is an API, a function here that allows you to check that specific role.
So what I want to do, actually, is to check here this Customer Support Manager role.
And this action has an input parameter that is optional, which is
the user identifier. So if I don't fill in the user identifier here, this
action will actually check if the current user that is logged in
to my application, the current registered user, has that Customer Support
Manager role. Okay? So this is what we want. If he is a manager, if he has this role, he
will be able to see the option in the menu. Okay.
So the other thing that we want to do, as I've said, is to change this entry point.
Okay. And again we want to go to the dashboard if the user is a manager, or go to the
unclassified issues if he is not a manager. To do that we're
going to implement a new screen, but this
screen will be a special screen. Bear with me for a while; you will see why this is a
special screen. Let me just add here the homepage screen.
And let me point
the home entry point to the homepage. Okay? And what we want to do here on this
homepage, first of all, let's set the role: we only want users with the
roles of the application to have access to this page. So let's remove the Registered
role, and what we'll do here, let me just get here in this page,
what we'll do is actually we are going to use this destination as we did before, but
in the preparation of this web page. So this means that this web screen will not be
rendered. So all that we have here will not be rendered, because we are going to
go through a destination, and this page
will be the dashboard or, in the other case, the unclassified issues.
So this means that when we request this page, the page will be redirected to another
page and the screen will not be rendered, okay! And what we want to do here again is
something similar to what we did in the menu, so let me just swap
the connectors here: we want to go to the dashboard when the user is a manager.
So, again, here in the condition we want to use the check that's here,
the check Customer Support Manager role. Okay, so this is all we need to do,
let's publish again our application and see how
Okay, first of all let's log in with John. John is not a manager, so you should
not see the dashboard option on the menu, and he should open the application on
the unclassified issues. So let's go ahead and log in as John.
Okay, so no dashboard on the menu, and unclassified issues, this is where we are.
And I can still go to the high priority and the low priority,
and if I try to go to the homepage here it is, this is the homepage for this user.
Let's now check the application with the other user, the user that is a manager.
Let's log out here with John and let's log in with Peter, 12345,
and here we go and there it is! The dashboard is on the menu,
and the dashboard is the homepage for this user, and that's it!
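
The lesson combines three controls: role restrictions on each screen, an If around the Dashboard menu entry, and a redirect in the home screen's preparation. The Python sketch below is an added example, not OutSystems code and not part of the original lesson; it models those three pieces with constructed users and hypothetical function names, and shows that the screen's role setting, not the hidden menu entry, is what blocks a direct request for the dashboard.

```python
# Constructed model of the lesson's setup. All names are illustrative,
# not OutSystems APIs.
USER, MANAGER = "CustomerSupportUser", "CustomerSupportManager"

# Roles allowed on each screen, as configured in the lesson.
SCREEN_ROLES = {
    "Dashboard": {MANAGER},
    "UnclassifiedIssues": {USER, MANAGER},
    "HighPriority": {USER, MANAGER},
    "LowPriority": {USER, MANAGER},
}

# Constructed sample grants matching the lesson's two accounts.
GRANTS = {"john": {USER}, "peter": {MANAGER}}


def check_role(current_user, role, user_id=None):
    """Role check; when user_id is omitted it tests the logged-in user."""
    return role in GRANTS.get(user_id or current_user, set())


def can_open(current_user, screen):
    """Server-side screen permission: the actual access control."""
    return any(check_role(current_user, r) for r in SCREEN_ROLES[screen])


def menu_for(current_user):
    """Menu block: the Dashboard entry sits inside an If on the manager role."""
    items = ["UnclassifiedIssues", "HighPriority", "LowPriority"]
    if check_role(current_user, MANAGER):
        items.insert(0, "Dashboard")
    return items


def home_destination(current_user):
    """Home screen preparation: pick a destination, render nothing."""
    if check_role(current_user, MANAGER):
        return "Dashboard"
    return "UnclassifiedIssues"


def request(current_user, screen):
    """Direct request for a screen (typed URL); the menu plays no part."""
    if can_open(current_user, screen):
        return "200 " + screen
    return "403 invalid permissions"
```
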
Posted on 2015-11-20
Apparently today it's working fine, so maybe something about being already logged in when the changes happened caused the issue.
Posted on 2015-11-20
Try to log out and log in again with your user. If the problem persists I suggest you use the Submit Feedback option on the Help menu of the IDE to report this issue.
Posted on 2015-11-19
I created a new role like in the video (CustomerSupportManager) and set the permissions like in the video (every page for both User and Manager except Dashboard, which is only for Manager). Then I created a new user with only the CustomerSupportUser role and tested it, then added the CustomerSupportManager role without removing the User one (to check if there were conflicts or not) and everything worked fine.
But when I try to enter the page with my personal environment account I get an invalid permission on the Dashboard screen even though I have a CustomerSupportManager role. Any idea what could be the problem? Some kind of conflict with some of the other 10 roles associated with my account from other projects?
I'm sending the screenshot from my users page where you can see all the roles that I have, including the CustomerSupportUser and CustomerSupportManager, which are highlighted.