Question

Level based security

0

My application is designed to use levels. After a number of days a user reaches a new level, meaning new menu's and new forms. My start-up microflow detects whether the new level has to be assigned, then something has to happen to assign the new menu's/forms/grants to this user. Any suggestions on implement security for this? Thanks!

asked 2013-12-29

Gerard Veurink

2 answers

Ferry van der Toorn · Answer 1 · 2013-12-29

In this case I would implement a user role per level, and then assign that role to a user when he/she progresses. This could be done in a flow that determines the role(s) of the user when the level it is assigned. I probably would make this configurable, by linking the 'level' entity to 1 or more user roles.

The role would give the user access to the correct forms he/she needs when on that specific level.

Shubhashish Bhowmik · Answer 2 · 2014-01-02

Gerard , I think Ferry idea is great and flexible and most important configurable at runtime.

I have a question for you. Why you need to add this in the start up microflow? If I have to check whether a user reaches a level promotion or not then I would like to use sign in microflow. Any special reason for start up microflow ?