Permissions¶
Introduction¶
The Permissions configuration section allows you to define all the Permissions available for your Application. These Permissions can be then used in any part of your Application, either in a standalone mode or extending the [Roles] of a user, to add a Permissions-Based Access Control.
For example, you can use your defined permissions
- inside your Form Models to add a Permissions-Based Access Controls to whole pages, specific controller actions and/or operations and logic
- in Business Objects Operations, to define how they will be fetched or saved based on the specified Access Controls
- and any place else you need to restrict the access to your data and operations
Adding Permissions¶
To add a new Permission, simple click on the Add... link placed under the list of your available permissions and type in:
- A unique name for that Permission, consisting of alphanumeric characters (no spaces or special characters allowed)
- A friendly description for that Permission that will help you and your Team understand what this Permission does
Info
You can access a Permission using mamba code with the following syntax: Application.Permissions.Permission_Name
Usage¶
As soon as you have defined a set of Permissions, you can use them in any Model you like. The table that follows will show you some examples of how to use your set of Permissions in any
Form Model¶
One Permission in a Controller Action¶
How-To¶
- Uncheck the Available To All Anonymous and Available To All Authenticated options of the Controller Action you need to restrict.
- Select one permission from the list of the Available inside your Application
Result¶
- Only those users that have this particular Permission will be able to execute this Action
- Any Component (e.g. a Button) that executes this Action will be visible only to those users that have this Permission
Multiple Permissions in a Controller Action¶
How-To¶
- Uncheck the Available To All Anonymous and Available To All Authenticated options of the Controller Action you need to restrict.
- Select any permissions you need from the list of the Available inside your Application
Result¶
- Only those users that have at least one of the defined Permissions will be able to execute this Action
- Any Component (e.g. a Button) that executes this Action will be visible only to those users that have at least one of these Permissions
Warning
The Multiple Permissions are checked using an OR logic, meaning that only one of the selected Permissions must be present in a User's Access Control in order for the Controller Action to be executed.
Permission check in a Form Model's Code¶
How-To¶
To check whether a User has a specific permission or not, using Mamba, you can access his/her object using the Domain.ApplicationUser
class like this:
Domain.ApplicationUser user;
user.HasPermission(Application.Permissions.Name_Of_The_Permission);
With such a line of code you can hide or format your Controls and Data using the Logic items.
Business Objects¶
Using the same command shown before, you can check for specific Permissions in any other Model of your Application. The example that follows shows a Permission Check inside a GetInformation()
operation
of a Store
Class.