
Introduction

There are two elements of security we will look at in this chapter:

  • Controlling who can access an application.
  • Controlling Privileges within an application.

From PhixFlow Version 9.0 onwards, two user groups are automatically created with each application:

  1. appname for people who need to use the application.
  2. appname_Admin for people who need to manage the application and user access to it.

where appname is the same as the application's name. 

We will cover the fundamentals of security and access control in this chapter using existing configuration. For more information on this topic see:

  1. Controlling User Access to Applications.
    1. This page covers this topic in more detail and explains how to set up new groups and roles.
  2. Managing User Groups and Privileges.
    1. This page goes into detail about setting up user groups, roles and privileges.

Access Control

Accessing an Application

  1. Open the Properties of your application.
  2. Click on the Security tab.
    1. All Users Can View Application, ticking this makes the application available to all. If you want to use this option consider applying it once the application is complete.
    2. User Groups, lists the groups that have access to our application.
      1. Selecting a group enables the delete icon allowing you to remove the group.
      2. Click on the group icon to see a list of available groups, these can be dragged into the list.
  3. For our example, we will leave the options as they are.

Testing

  1. First, we need to create a new test user as follows.
    1. In the Full Repository right-click Users.
    2. Click the add icon and set:
      1. the username and password.
      2. Enabled, tick.
      3. Add the User Group, Users to the user.
      4. Log out of PhixFlow.
  2. Log into PhixFlow as the test user. You should not be able to see your application; click on the 9 dots to open the application selection window to confirm this.
    1. If you see an error stating you cannot access this application, it is because you are loading the URL that directly accesses the application you just restricted access to. Use the URL that takes you into the base PhixFlow, e.g. https://myserver.phixflow.com/phixflow/start.html?
  3. Now, log back in as yourself.
  4. Update the test user's associated User Groups, adding the group associated to your application. This should be the My Application group, as illustrated below:
  5. Log in as the test user and your application is now available.

Controlling Privileges in an Application

Within an application, there can be varying levels of permissions. Here we will look at adding permissions to a specific button, but permissions can be added to other content to restrict access and interactions.

  1. Open the Home screen so it is ready to edit.
  2. Click on the Orders button so the properties open. We can restrict who has permission to see and use this button.
  3. Click on the Security tab.
  4. By default All Users can View Data is ticked. This allows all users permission to see and click this button.
    1. Note it is possible to create user accounts that only have read-only permissions and therefore cannot click on any button. For more information on this see the links in the introduction section above.
  5. Untick All Users can View Data.
  6. As before, User Groups lists the groups that have access to this button.
    1. Click on the group icon to see a list of available groups, drag the appname_Admin group into the list i.e. My Application_Admin.
      1. Select a group and the delete icon appears allowing you to remove the group.
  7. Save your changes.

Testing

  1. Log in as the test user created earlier.
  2. When the Home screen loads the Orders option will not appear:
  3. This option will only be available to users in the My Application_Admin user group.


Tip

In a future release the security will be assigned to the actionflow backing the button. This will result in all buttons using the actionflow only being available to users with the appropriate user groups.