Question

How does the security works in the startup microflow?

1

Hi all, Was wondering how the security in the startup microflow was working? I expect that this microflow is executed by the external Mendix environment (server) with an external user role than the allowed roles in the microflow, what is the actual security mechanism used here and how does it work ? And why is there a possibility then to set allowed roles in this startup microflow? This seems not working (tried to execute with a certain user role, but it is executed without errors, while the user is not logged in. So how does the security in this microflow works ?) Thanks

asked 2016-12-02

Rapido

2 answers

Jaap Pulleman · Answer 1 · 2016-12-02

The startup microflow is executed in a system context so for all intents and purposes it has superuser rights (i.e. it is allowed to do everything).

Ruud van Driel · Answer 2 · 2016-12-03

There is no simple answer for this question Enzo. The reason is that first at all there are three project security levels: switch off, demo mode and production. The modeler makes security checks and if there are things to improved it shows a yellow light and background on specific security areas op project level.

Beside the project level you can implement security by different roles on each module. Those roles can be limited to specific modules only or combined on project level to one, several, or all modules.

Furthermore you can give a user role specific access possibilities like create, delete, read only, and exceptions on associations en rest services.