Apply entity access in Microflow - Mendix Forum

Apply entity access in Microflow


Could you please consider enabling the "Apply entity access" property by default in Microflow?


Security protocols should always be enforced by default, making non-compliance the exception rather than the rule, requiring explicit action to opt out.



7 answers

Dear Fabian,


as it is a divided question, an option in the project configuration would be perfect! Because they would cover all cases!


No, please no.


If this is a problem in some projects, making the default a project setting would be the right way forward.




Dear Axel,


I believe you did not understand my proposal well, the option to activate or deactivate must remain, however in my opinion as we are talking about security, the default must always be the most restrictive, however we have the option to disable the restrictions to do things that you mentioned, for example, another point that makes this very useful, is in multi-tenant applications that we always need to be filtering the data so that they do not display data from other tenants.


Totally disagree. As a user you should be able to start a process / trigger functionality that create/reads/updates/deletes entities you normally shouldn't have access to.

This doesn't have anything to do with 'Security should be enabled by default' and it certainly isn't wrong to have it off.


For example: When a customer confirms an order, i want the microflow behind the 'Confirm' button to change the order status. However, I don't want the customer to have write access to the order status attribute.

Other example:

When a customer adds items to their shopping basket, i want the total value of the shopping basket to be updated. However, i don't want the customer to be able to adjust those values manually.


Totally agreeded!


Way before I think in Mendix 6 or even 5 it's was on by default and lot of people complained...... and rest is history haha... I believe in future they will provide solution, probably in app setting they will add button to make it default how ever you like it off or on.


I agree totally. Security should be Enabled by default.