Edit Button visibility only for a specific UserRole
I have 4 UserRoles which I am using: Anonymous (before a person is registered), Member, Official and Admin. The Member is the basic membership, so to speak, the Official has more possibilities in the app than the Member, and the Admin can do everything. The Admin can edit all the details of any Official and Member. The Member cannot even see the Edit screen or button because the Member should not have these rights.

My goal is to make the Edit button visible for the Officials, but ONLY the Edit buttons of users who have Member as the UserRole. How can I do this?

For example: in the screenshot, you can see 5 users. Michael B, Timo P and Dave A are all assigned the Administrator UserRole. The users Test4 and Test5 are only assigned the “Member” UserRole. I want to change the Bearbeiten (Edit) button so that the Official of the app can ONLY see the Edit button if the user has the “Member” UserRole assigned… so only the Edit button of Test4 and Test5. I do not know if this is possible, but that is my goal.
You can use a conditional visibility expression on each user tile to show the button only if the user is a member. Something like:
Then, configure the button to call a microflow and only allow Officials and Admins access to that microflow. This will hide the button for any user who does not have those roles.
EDIT: Looks like the user role token isn’t available in visibility expressions yet. This might work: a nanoflow that returns the user’s user role record matching a particular role, and then the button displayed only if that returned record exists:
Here’s how it looks in my app:
Notice how the “User” button is only visible on users who have the “User” role.
I am not sure if it is possible exactly the way you want, but here’s what you could try:
You could use an XPath to constrain the data and show only users with the Member or Official user role to a user having the Official user role.
You can open the edit page using a microflow and, before opening, check if the user is Admin; if yes, show some message, e.g. “You cannot edit an Admin”.
You can achieve this by doing the following for the entity whose data needs to be edited:
Give both Read and Write access to the owner (like the screenshot below)
In visibility, give the applicable roles
Then the button will be visible only to the owner
The easiest option would be to not display the Administrator role to the Official at all. You can do that via the app security → User roles → Edit a user role → under the section called User Management
However, if you want to display the administrator and take away (hide) the Edit rights, here is what you could do:
Add a microflow which would return true only if the current user has a user role Member (this microflow should have input parameter Account)
Add datasource microflow to the widget which you just created above
Add a class to the Edit button, for example: btnEditAccount
Element to hide on false would be the same class name you gave the Edit button → configure this in the widget
In addition to this – always have server validation (the way Shreyash mentions) to check if the user is allowed to edit, as with some basic JS and HTML knowledge, if you just hide the element, it can be easily hacked into!
Hope this helps!
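The point in the answer above about server validation, as an added example that is not part of the original thread and is not Mendix code: a plain JavaScript model in which one rule decides both which Edit buttons are shown and whether an edit request is accepted. The role names follow the question; the function names, the email field and the Test6 account are hypothetical and constructed for illustration.

```javascript
// Added example. Constructed sample data mirroring the users described in the question.
const users = [
  { name: "Michael B", roles: ["Administrator"], email: "" },
  { name: "Timo P", roles: ["Administrator"], email: "" },
  { name: "Dave A", roles: ["Administrator"], email: "" },
  { name: "Test4", roles: ["Member"], email: "" },
  { name: "Test5", roles: ["Member"], email: "" },
  // Constructed edge case: an account holding Member plus a higher role.
  { name: "Test6", roles: ["Member", "Official"], email: "" },
];

// Single rule, used by both the UI and the server-side handler.
function canEdit(actor, target) {
  if (actor.roles.includes("Administrator")) return true; // Admin can do everything
  if (actor.roles.includes("Official")) {
    // Every role of the target must be Member. Testing only "has Member"
    // would also match Test6, who additionally holds Official.
    return target.roles.length > 0 && target.roles.every((r) => r === "Member");
  }
  return false; // Member and Anonymous never edit
}

// UI side: which Edit buttons get rendered. Convenience only, not a control.
function visibleEditButtons(actor, all) {
  return all.filter((t) => canEdit(actor, t)).map((t) => t.name);
}

// Server side: re-check on every request, whatever the client rendered.
function handleEdit(actor, targetName, all, email) {
  const target = all.find((u) => u.name === targetName);
  if (!target) return { ok: false, status: 404 };
  if (!canEdit(actor, target)) return { ok: false, status: 403 };
  target.email = email; // only the one hypothetical field is writable here
  return { ok: true, status: 200 };
}

// Stand-alone demo: an Official sees Edit buttons for Test4 and Test5 only.
console.log(visibleEditButtons({ name: "Official1", roles: ["Official"] }, users));
```

A request that names Dave A or Test6 is refused with 403 for an Official even though no button for those accounts was ever rendered.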
I am trying to do it over a Microflow. I am retrieving all Users from the database and I am trying to use an XPath constraint to see which users have the UserRole Member, because this is the only UserRole an Official should be able to edit. Do you happen to know the XPath constraint? I was thinking it had something to do with [id='[%UserRole_Mitglied%]'] but this just gives me the error message "Incompatible expression types: MyFirstModule.Mitglied, System.UserRole".
I attempted to retrieve all Users from the database and I am using the XPath constraint: [System.UserRoles/System.UserRole/id='[%UserRole_Mitglied%]'] for the retrieve (Mitglied is the Member UserRole which I am trying to filter so only this can be edited for the Official). Then I have a decision where I use the newly made variable of the retrieve (MitgliedUserRole): $MitgliedUserRole = $Mitglied. But this is not working for every UserRole. Maybe something similar though?