Restrictions for a Local User

0
Hello,   I have an local user called "Administrative staff". Is it possible that this local user "Administrative Staff" creates an Local User "Doctor" where Mendix automatically creates a personal homepage for this Local user? For instance, The local user "Administrative Staff creates a local User called "Doctor". This "Doctor" will receive an User name and Password. Is it possible ,when this Doctor logs in, he can only see the patiens that are assigned to him based on his Local User account? Which means, can mendix create a page where this particular doctor can only see the patients assigned to him? I doubt this is possible because the local user "Doctor" is added after the mendix model is completed.    Kind Regards,    
asked
2 answers
3

Hi Max,

I think you are mixing up the terms User and UserRole a bit.  But to answer your question:
Yes -  It is possible to set the access rules based on the  currently logged in user and his account (applied at runtime) and also based on the certain user roles (also applied at runtime). For more information on this topic see  http://www.nolanramsey.com/blog/2015/8/22/how-to-build-a-mendix-security-model-part-2-entity-vs-ui
I am sure there are also a ton of other resources online about this.

Hope this helps,
-Andrej

PS: In your concrete situation what you need is a Role Based Homepage for "Doctors" - you need to create this user role in your project. Then only allow Doctors to see data from their own Patines using access rules in the entity model e.g.  on the Entity Patient you would have an Xpath acess rule that looks something like this

[MyModule.Doctor_Patient/MyModule.Doctor='[%CurrentUser%]']

 

answered
0

Yes we can. We should use the user and user roles, to let the administrator create doctors. For the doctor to see only his patients, we can compare the current user who logged in and an attribute i.e., doctor's name from the patients entity and display the resulting data.

answered