How to give users different rights in different modules?

Hello, how can I translate the following user rights to the mendix user role-/module-role-system? User Sam has write access in Module A, write access in Module B, read access in Module C, no access in Module D. User Kim has read access in Module A, write access in Module b, no access in Module C, write access in Module D. User Maria has read access in Module A, read access in Module b, write access in Module C, write access in Module D. ... In each module I have a module role editor and a module role reader. Now I could create a user role for each combination of module roles, but with 6 modules there a so many combinations that this is not very comfortable and the chance for errors is rising.   Is there a better solution? Thank you for helping. Miriam
4 answers

Revert your way of thinking. Instead of the module-roles, start at creating the project-roles. In your example Sam, Kim and Maria each need their own set of rights, this implies that their jobdescription differs too. Ask the HR-departement  for their job-titles. You should use those job-titles as the name of the project-roles you create. 'Sales representative', 'Regional manager', 'Receptionist' are good names for project-roles. 

For marketplace-modules, link your project-roles to the marketplace-module's provided module-roles.

For your own modules, for which create and control the code, you can decide to either create functional module-roles, like you described: 'editor', 'reader'. Or you can create a module-role for each project-role. Whichever suits your module best. 



Do you need all different combinations? You describe 3 different combinations by users using them. But what are the functional roles that they have?


If you do have a use case for every combination, then you would have to model them.


Hi Miriam, 

besides finding the better solution in the answers, consider finding the theory behind it in the learning paths. 


I think this one will give you a better understanding of the way it works in Mendix, so you can implement the solution as described by Tim.



Hi to you all,

thank you for your answers. 


I will explain my usecase: My app is for collecting and analyzing data in environmental and occupational health themes. Every module stands for one theme: waste, hazardous materials, machines, employee trainings, preventive examinations of employees, and so on. Every theme is related at least to one of the others. Because of this they are collected in one App.

In the usecase there is no HR-related job system, but in every department somebody is responsible for filling in data. In some departments one person do all themes, in others it is distributed to different persons. So I have to give different access rights to (nearly) every user.


I will look at the academy-path, I didn't found this one when I looked for - I had the wrong search key... Maybe it will help a bit. But from your answers I guess that I have to model a lot of user roles.


Have a nice day.