Hi Everyone, I have 'Administrator' and 'User' user roles who have access to certain pages. In the Project security > Administrator, initially I selected 'Administrator' as user role for MxAdmin. When I run the project locally and log in as MxAdmin, I was able to see correct pages and only had one role associated to MxAdmin account, so far all good! When I go back again to Project security > Administrator and change the user role from 'Administrator' to 'User' and re-run the project locally, I expected the MxAdmin account to be just associated with user role 'User' but it seems like MxAdmin account has now got two user roles (Administrator and User). If I change this project security setting again to select any other new user role (example Finance) then this role also get associated to MxAdmin account and the list of associated user roles will increase by one. When I deploy the change to test environment and log in as MxAdmin then the MxAdmin account is still associated to 'Administrator' role instead of 'User'. I never noticed this behaviour before maybe because I never changed the MxAdmin role from 'Administrator' to any other role. Just wanted to check with community if anyone tried this scenario and faced similar issue? Is this a bug or expected behaviour? EDIT: This issue is fixed in 7.18.0, please find the comment by Mendix below; " We have fixed this issue in Mendix 7.18.0. Starting from Mendix 7.18, MxAdmin user has only one role - the one configured in the Security settings of the project. But if an existing gets upgraded to the Mendix 7.18 for local projects no changes in the MxAdmin user roles are done until you select a different role in the Security settings and the project has to be restarted. This ensures that create_admin_user action is sent with a new role to Runtime. Please note that for apps deployed on premise the creation of an admin user has to be initiated from the Service console. " Thanks in advance!
It seems like this issue was fixed in the 7.18.0 release.
Quoting the 7.18.0 release notes: "We fixed the issue causing the built-in admin user to retain old roles when a new role was selected in the Security configuration of the app project. (Ticket 65664)"
Nathan van der Lei
Never tried the situation myself but by looking at this documentation:
'This user is always created and has the System.Administrator role by default. This module role allows any user with this role to manage your users. On sandboxes the user that created the application automatically has this role by default as well so you can use it to administer your users in that environment. This role may be helpful in case for some reason you have exceeded your user license restriction in which case you can use any user that has this System.Administrator role to login to manage your users.'
It might make sense that the MxAdmin user always keeps the Administrator role to login and manage the users.
For example, users with the Customer role can only view Orders that are associated to the customer this user is part of. While the data that ... If an access rule prohibits write access, your client will display it as non-editable. This way you are aware, as developer, about the (correct) working of an access rule .. Tutuapp9appsShowbox