Security and Permissions

Security can be applied to Actionflows so that only those with sufficient permissions can run the Actionflow. In addition, if an Actionflow is assigned to a button and the user does not have permission to run the Actionflow, the button will not be displayed on a screen.

Permissions can also be set on form fields, table attributes and screens. For example, if a user does not have permission to view the form fields but runs an Actionflow that uses these fields, the Actionflow will show an error.

Access Permissions

For some items, you can specify a user group, e.g. Managers, or set of user groups, where only users in this group(s) have permission to see the item.

You must have saved the property tab at least once before you can change the permissions.

Access Permissions	Description
All Users Can View Data	Tick to allow all users to view this item. Untick to specify the user groups that can access this item.
User Groups	Available when All Users Can View Data is unticked. The grid contains a list of user groups that have permission to access to this item. To add a user group to the list: Click the icon to list all the user groups in the repository Drag user groups into this list To remove a user group from the list, click the tick box next to the user group then click the icon.

Worked Example

Here's a worked example using the Company Data (available from the Learning Centre).

In this example, we are using:

A Company Merger Pop up screen containing:
- two manual drop down fields of the company name's of the companies to be merged
- two string fields showing the company ID's of the companies to be merged
- a button to initiate the Actionflow - this screen was created using the Tile no Buttons template

If you are completing this chapter as part of the Actionflow course and using a training instance, the data and screens have already been pre-loaded into the Actionflow Advanced Application. For this example, we'll be working on the Company Merger Pop up screen.

Limit Permission to Merge Companies

In this example, we'll limit the users/user groups that can run the Actionflow that merges two companies together.

gif

Prerequisites

For this example, we'll limit permission to run an Actionflow that merges two companies together. This Actionflow was created in 3.04 Bulk Update Action Configuration. If you have not completed this chapter, expand the section below and follow the steps to create the Actionflows.

Bulk Update Company Acquisition Actionflow

Error rendering macro 'excerpt-include' : No link could be created for '3.04 Bulk Update Action Configuration'.

Create Limited Access User

In the Full Repository, expand the Users section
Click to create a new user who will not have access to run the acquisition
1. Login: limitedaccess
2. First Name: Limited
3. Surname: Access
4. Password: Phixflow123!
5. Enabled:
6. Apply the user
In the Repository, expand the Actionflow Advanced Application and scroll down to the User Groups section
Click the icon to add a new User Group:
1. Name: LimitedAccessGroup
2. Apply the group
3. In the Users section, click the icon and drag across your Limited Access user into the Users section
4. Close the Users window
5. Click Apply and Close on the User Group tab

Change Actionflow Permissions

Open the Company Merger Pop up screen and open the Actionflow on the Run Acquisition button
Open the Actionflow Properties
Click on the Security tab
Disable All Users can Run Action
Click the icon and drag across all User Groups except the LimitedAccessGroup into the User Groups section of the Security tab

Change Application Permissions

Click on the Home icon in the top left of Phixflow
Click the Properties button on the left to open the application settings
Click on the Security tab
Click the icon
Drag across the LimitedAccessGroup into the User Groups section

Testing

Log out and login as the user Limited Access
1. Click the Run Acquisition button

3.07 Actionflow Security and Permissions