You can use a conditional visibility expression on each user tile to show the button only if the user is a member. Something like:

$currentObject/System.UserRoles = [%UserRole_Member%]

Then, configure the button to call a microflow and only allow Officials and Admins access to that microflow. This will hide the button for any user who does not have those roles.

EDIT: Looks like the user role token isn’t available in visibility expressions yet. This might work: a nanoflow that returns the user’s user role record matching a particular role, and then the button displayed only if that returned record exists:

Here’s how it looks in my app:

Notice how the “User” button is only visible on users who have the “User” role

I am not sure if it is possible exactly the way you want, but here’s what you could try:

1. You could use an xpath to constraint the data and show only users with Member or Official user role to a user having Official user role.
2. You can open the edit page using a microflow and before opening check if the user is Admin, if yes, show some message e.g. “You cannot edit an Admin”

Hi Michael, 

you can achieve this by doing below for the entity whoes data needs to be edited  u can do as below : 
give access of Read and Write both to the owner ( Like Below Screen shot) 
In visibility give as applicable roles 
then the button will be visible only to owner

Hi Michael,

• The most easiest option would be to not display the Administrator role to the Official at all. You can do that via the app security –> User roles → Edit a user role → Under section called User Management
• However, if you want to display the administrator and take away(hide) the Edit rights here is what you could do:
  • Add the widget https://marketplace.mendix.com/link/component/2539
  • Add class .hiddenByWidget { display: none; }
  • Add a microflow which would return true only if the current user has a user role Member (this microflow should have input parameter Account)
  • Add datasource microflow to the widget which you just created above
  • Add a class to the Edit button for ex: btnEditAccount
  • Element to hide on false would be the same class name you gave the edit button → configure this in the widget
  • In addition to this – always have server validation (the way Shreyash mentions) to check if the user is allowed to edit as with some basic js and html knowledge if you just hide the element it can be easily hacked into!

Hope this helps!

I am trying to do it over a Microflow. I am retrieving all Users from the Database and I am trying to use an XPath constraint to see which users have the UserRole Member because this is the only UserRole an Official should be able to edit. Do you happen to know the XPath constraint? I was thinking it had something to do with [id='[%UserRole_Mitglied%]'] but this just gives me the Error message "Incompatible expression types: MyFirstModule.Mitglied, System.UserRole".

I attempted to retrieve all Users from the database and I am using the XPath constraint: [System.UserRoles/System.UserRole/id='[%UserRole_Mitglied%]'] for the retrieve (Mitglied is the Member UserRole which I am trying to filter so only this can be edited for the Official). Then I have a decision where I use the newly made variable of the retrieve (MitgliedUserRole): $MitgliedUserRole = $Mitglied But this is not working for every UserRole. Maybe something similar though?