PhixFlow Help

15. Controlling access to apps

Owned by Chris Welford
Last updated: Dec 15, 2017
2 min read

In this chapter we will introduce some control around who can access our app, and within the app, who can use certain administrative functions. We will also remove a button that is standard on views, to prevent unauthorised downloading of data.

Controlling access to apps

Add control to your app. To recap the steps in the video:

Restrict access to app

  • Open the configuration form for the app Contacts
  • Open the section Access Permissions
  • Untick All Users Can View Application
  • Save your changes

To test this:

  • Create a user (remember you need to go into the Full Repository browser to do this)
    • Don't forget to tick the Enabled flag for the user
  • Add the user group App User to the user
  • Logout, and log back in as this user
  • You should now be only able to see the standard app PhixFlow - i.e. not the Contacts app

Add access to app

  • Log back in as your modelling user (train)
  • Open the repository browser under the application Contacts
  • Add a User Group
  • Call the user group Contact User and apply your changes
  • Open the section Applications, and bring up the list of applications
  • Drag in the application Contacts
  • Still in the user group configuration form, add your test user

Log back in as your test user, and check that now you can access the Contacts app.

Create admin level access

  • Log back in as your modelling user (train)
  • Go into the configuration for the button Import Contacts, follow the quick link to the custom action that backs this
    • In the action configuration form, open the section Access Permissions
    • Untick All Users Can Run Action
  • Similarly, remove general access from the custom action that backs the button Create Invoice
  • Go to the menu item Contact Types in the Contacts dashboard
  • Right click, and select Show the Menu Item Configuration
    • Follow the quick link to the action that backs the menu item
    • Remove general access to this action
  • Similarly, remove general access from the menu item Contact Types under the Contact Management menu at the top of PhixFlow
  • Open the repository browser under the application Contacts
  • Add a User Group
    • Call the user group Contact Admin and apply
    • Open the section Stream Actions
    • Bring up the list of actions
      • In the repository browser for actions, you will find all the actions you need under the stream Contacts
      • Drag actions for all four administration functions into the user group
  • Create a test admin user
    • Add this user to the user groups:
      • App User
      • Contact User
      • Contact Admin

Now try logging in with both the test contact user, and the test contact admin. Ensure that the contact user cannot see the administration functions, but the admin user can.


Controlling access to data functions

Remove the file download button from the grid view in the Contacts app:

  • From the grid view, go into the dashboard element details
  • Open the section Header Options
  • Untick Display Export Button
  • Save your changes
  • The file download button should no longer be shown in the header of the grid view

Next chapter: 16. Auditing Data Changes

Please let us know if we could improve this page feedback@phixflow.com