Mendix ACL Prevention

0
Hi I want to ask how to prevent user to access the System.user information object related only for that user, currently i face condition when I loggin with user A, i can see all the list of user under Entity System.User.   How to prevent when do this access to API only returned the object  which belogngs to session user loggedin   {     "action":"retrieve_by_xpath",     "params":{         "xpath":"//System.User",         "schema":{         },         "count":false     } }    
asked
1 answers
0

This should already be the case. 

 

image.pngimage.png

 

When I test this in my applications, I can only see the user that I'm logged in with. Are you sure you're not logged in with a role that has rights to access other user roles?

 

 

 

 

answered