Question

Why admin can visit test page?

0

This button trigger a microflow 2.This microflow allow roles admin,user . but test_page have only user role. 3.Why admin can still see the button in 1 , and trigger the microflow and finally see the test page , same as user?

asked 2022-06-25

Wilson Ma

3 answers

0

Hi Wilson,

Please check your app security user role section for Administrator – You would have mapped module role – ‘user’ to Administrator.

answered 2022-06-25

Steffy D

0

@Steffy D

No , I mapped Administrator to admin

answered 2022-06-25

Wilson Ma

Forgotten User Zyrv3wnxJo · Accepted Answer · 2022-06-25

I believe the security settings for pages only work when used in navigation… In this case, the security of the microflow allows admin to perform this action, so the admin can see the page…

5 Entity Access vs. Page Access

Per entity you can specify who can read or write what members (attributes and associations) under what circumstances. Using XPath constraints you can express powerful security behavior; for example, “an employee can only see orders created by the department he is a part of”.

Per page you can specify who can open it from navigation. The menu bar is optimized so that only pages that the user has access to are visible.

A combination of entity access and a page access is necessary because entities can also be accessed from microflows and custom widgets. Furthermore, you can express more advanced security through entity access.