Access Permissions
  • 2 Minutes to read
  • Contributors

    Access Permissions


      Article summary

      Access permissions in an app are crucial for providing authorization to users, roles, or entities to access specific sections of an app and perform transactions. They play a fundamental role in securing an app and controlling access to various resources within it.

      Access permissions define the actions a user or entity can perform in an application, such as Editable, Read-only, or Hidden. These permissions ensure that only authorized individuals or entities can access certain sections of an app and perform transactions.

      EXAMPLE

      Use case: Employee Management System

      In an Employee Management System app, access permissions are crucial for ensuring that only authorized personnel can view or modify sensitive employee information. Here's how access permissions could be applied:

      Role-based access control (RBAC): Different roles are defined in the system, such as "Employee," "Manager," and "HR Manager." Each role has different levels of access to the app's features and data.

      • Employee Role: Employees can view their own profile information but cannot access or modify other employee records.
      • Manager Role: Managers can view and edit information for employees in their department but cannot access records outside their department.
      • HR Manager Role: HR Managers have access to view and edit all employee records and can perform administrative tasks such as adding new employees or terminating existing ones.

      Entity-based access control: Access to specific entities or data fields within the app can be restricted based on the user's role.

      For example, only HR Managers may have access to sensitive information such as salary details or performance reviews, while other roles are restricted from viewing or editing this information.

      Fine-grained access control: Access permissions can be further refined based on specific criteria, such as time-based restrictions or conditional access based on certain data conditions.

      For instance, a temporary manager hired for a specific project may be granted access to certain employee records for the duration of the project only.

      By implementing access permissions in this manner, the Employee Management System app ensures that sensitive information is protected and that users can only access the data and features relevant to their role or responsibilities.

      Defining Access Permissions

      The Access Permissions page consists of two sections:

      Permission-Step Name Section: This lists the workflow steps which are previously defined while creating the workflow.

      Sections and Elements Section: This lists the sections and elements defined while creating the application. Each Section/Element has the following options:

      • Editable: Allows the user to edit the values in that section's element fields in the application.
      • Read-only: Allows the user to only read the values in that section's element fields in the application.
      CAUTION

      Setting User Detail fields in access permissions to Read-Only may lead to data visibility issues for end-users. This is because the platform may be unable to retrieve the respective user's data due to certain constraints.

      • Hidden: Hides the whole section from the actor/user in the application.
      • Custom: Provides custom permissions for the actor/user to take action on the element fields according to the defined permissions for that section in the application.

      Defining Access Permissions in Your Application

      1. Select the step and then choose the section to define its permission.
      2. If you choose Editable, the user for this step can modify the values of the element fields in the application.
      3. If you select Read-Only, the user assigned to this step can only view the values of the element fields in the application.
      4. If Hidden is selected, the user will not be able to see this section in the application.
      5. By choosing Custom, the citizen developer can have custom permissions to interact with the application elements based on the defined permissions.
      6. After defining the Access Permissions for all steps, click Publish





      Was this article helpful?

      What's Next