Application properties - Application permissions tab

Applications module Application properties

1. General

On the left of the dialog, you can see tabs which represent the different levels of access permissions that can be defined for the application:

• Application
  Access to the application link and the starting page in the browser, administration permissions
• Pages
  Access to additional individual pages
• Data groups
  Read and write access to application data
• File fields
  Read and write access to file fields
• Search configurations
  Permissions for search configurations
• Topics
  Permissions for topics

Click here to find out how you can add permission holders and assign individual permissions. Permission settings are transferred to the server when the application is published.

2. Application

Full access

This setting automatically activates all other permissions.

Administrate application

Permissions holders are allowed to administrate the application in the Applications module.

Use application

Permissions holders have access to the application link and the starting page of the application.

The Administrators user group has full access to all pages and data groups of the application, as well as the application itself. This setting cannot be changed within the application permissions. Remove a permission holder from the Administrators user group if you do not want them to have the permission to administrate applications. The creator of an application always has permission to administrate the application. This permission will be given automatically to the creator of an application.

3. Pages

Allows you to provide access to individual pages of the application. If you select one or more pages on the left, you can determine the permissions for all of these pages on the right. All pages, which the user does not have permission for, will be automatically hidden from the application menu. Buttons that lead to an unpermitted page will not be shown in the browser.

4. Data groups

Here you will define in which data group data can be read, added to, modified or deleted.

The data group permissions for Intrexx Share are controlled internally with Java classes and cannot be changed here.

Full access

This setting automatically marks all additional permissions.

Read data set

Permissions holders may read the data of an application.

Read data set (own)

Permissions holders may read existing data records they have saved.

Add data set

Permissions holders may add new data.

Change data set

Permissions holders may modify existing data records.

Change data set (own)

Permissions holders may modify existing data records they have saved.

Delete data set

Permissions holders may delete existing data records.

Delete data set (own)

Permissions holders may delete existing data records they have saved.

5. File fields

If a data group contains file data fields, the following permissions can be assigned here:

• Read file
• Read file (own)
• Add file
• Change file
• Change file (own)
• Delete file
• Delete file (own)
• Full access (enables all permissions named above)

To do so, select the corresponding file field in the application structure in the left-hand area of the dialog.

Apply permissions of the data group

If this setting is active, all permissions configured for the data group will be applied to all file fields contained in it. The permissions for data fields can only be set individually if this setting is not active.

If individual permissions are assigned to a single file field, a conflict check occurs. In the permissions table, the permissions will be highlighted in red if a conflict has been detected. A conflict occurs when permissions to a file field are assigned that, according to the data group, are not permitted. For example: A user may only read in the data group. If this user is given the Delete permission for a file field in the data group, a conflict occurs. The "Delete" permission will then be highlighted in red.

6. Search configurations

Select the search configurations, you would like to define the permissions for, on the left-hand side of the dialog.

Apply permissions of the primary data group

If this setting is activated, the permissions of the data group, which you have defind in the search configuration properties, will be used.

7. Topics

"Topics" are connected to WebSockets. They represent the object that WebSocket messages output/make available. A "consumer" can subscribe to a topic. A topic can be compared to a message channel that can be subscribed to.

You can grant the following permissions for topics:

Full access

If you select this option, the corresponding user is granted both the "Read topic" and "Write to topic" permissions.

Read topic

With this permission, you can control which users should be able to see WebSocket messages in the browser.

Write to topic

This permission refers to the user of a process that contains a WebSocket action or a Groovy action with WebSocket functions. You can execute processes in a user context. The permissions of the respective user are relevant in this case. If the user does not have the "Write to topic" permission, then a WebSocket message will not be sent via the process and will also not appear in the browser.

More information about WebSockets is available here:

• WebSockets
• Permissions relating to WebSockets

8. More information

Permissions