Microflow select current user

I have a system with 4 modules [Administration, System, Bug, Project] and I have 5 users [Administrator, DevelopmentManager, Projectmanager, Test_Manager, Developer, and Test]. Every user role can create a project and a bug, so I want the user to access only the projects or bugs that he created. I have been using a microflow: with the first Action activity in the microflow I retrieved Administrator.Account from the database, and in the XPath I said where [Name = currentUser/name], and in the second Action activity I called a Form [Project.Project], but it doesn't give me an option to select on the Form Object.
1 answer

Since this is actually a security issue, I would set this on the XPath of your security rather than on your screens. To do this, open your security tab in the module that you want to restrict, say module Project. There you have to set the entity access for, in this case, a Bug.

There are multiple ways to set your entity access, either via security -> entity access or via your domain model when you double-click an entity.

I prefer the second one because I think it provides you a better overview.

So go to the domain model, open your entity and go to the tab Access rules. Once there, add a new rule for the user roles that you want to provide access to. Now this is where it gets tricky.

Set all attributes that the user should be able to read and write to read and write, and all attributes that he should be able to just read to read. Then go to the XPath tab and add the following code there:

[ Project.Bug/Bug_Account = '[%CurrentUser%]']

Basically, what this does is set a boundary for when to apply this rule. The boundary now says that the bug should be connected to the current user in order to read and write those attributes.

You are probably wondering right now that you might not have a direct link to the bug, but instead you have a Project that is owned by a user. That's no problem: just start from your Bug and then go to the project that is linked to the current user, e.g.

[Project.Bug/Bug_Project/Project.Project/Project_Account = '[%CurrentUser%]']

Luckily for you, Mendix was actually ahead of you, because they implemented a neat trick where you are able to set the XPath based on the owner of an object. By default Mendix tracks the owner of all entities. You can check this out by double-clicking an entity in your domain model, e.g. Project.Bug, and seeing if the System member 'Store 'Owner'' is checked.

If it is, then you can go back to the entity rule that you just created, go to the XPath tab and hit the Append Constraint 'Owner' button.

Basically, this will do exactly what you want: applying read/write access for the creator of an object.