Feature request: Obligatory allowed role for Microflows used as role-based home page - Mendix Forum

Feature request: Obligatory allowed role for Microflows used as role-based home page


It's currently possible to use Microflows as role-based home page without assigning any allowed roles. This doesn't sound like an issue, but I recently learned Studio Pro doesn't check any entity access rules for roles using such Microflows as home pages.

Normally, Studio Pro would show errors when a role has access to a page containing entities/attributes to which that role does not have access. However, when using a role-based home page with no allowed roles, no errors appear in the modeler.


First of all, this gives developers the false idea that their entity access is configured correctly. Also, maybe even more importantly, this can lead to errors for end users, which arise when they land on a page with entities, attributes and/or data source Microflows to which they have no acces. Enforcing developers to select at least one allowed role in Microflows used as role-based home pages, will prevent these issues.


The images below illustrate the problem. All roles have a Microflows without any allowed roles configured as role-based home page. The Microflow itself is a simple flow showing the page Home_Web (the page is also available for all roles via the navigation menu). On the Home_Web page (see second image), I've included a data grid with an entity to which none of the roles have any read rights. I've also added a DS-Microflow, with "User" as the only allowed role. As you can see, there are no errors.





After adding the role "Tester" as an allowed role to the Microflow configured as role-based home page (the "ShowHomePage" flow). I now have 7 errors related to the entity and DS-Microflow shown on the "Home_Web"-page







0 answers