User role access

In my model projects are approved by users with a specific role. These rules are modeled in an entity associated to role and related to amount. For example <= 10K user role 'Project manager', >10k User role 'manager' etc. The user management is done by the role 'application manager'. He has the rights to create managers and project managers. When a project is submitted by the project manager, he will not see the role 'manager' because he has no right to create users with this role. Any idea? I don't like to disable entity access or grant manage access.
2 answers

Create a separate role type of entity connect that to the users. Now this entity will allow the user to select the appropriate role, because it's not limited by the user roles. The in an event MF set the user role, the MF should not take entity access into account (default behaviour). So now the Project Manager can implicitly select the user role from the new role entity.

Hope this helps, as there is not a lot of detail in the question, but maybe this will point you in a solution direction?


Thanks Erwin,

To rewrite my answer: why is a user not able to read a userrole he can't manage even though he only wants to read this role?

IMHO Mendix should not limit the ability to read the role but only the option to create the association UserRoles. But this is the system domain model which probably makes it hard to implement.