Application properties - Application permissions tab
On the left of the dialog, you can see tabs which represent the different levels of access permissions that can be defined for the application:
Access to the application link and the starting page in the browser, administration permissions
Access to additional individual pages
- Data groups
Read and write access to application data
- File fields
Read and write access to file fields
- Search configurations
Permissions for search configurations
Permissions for topics
Click here to find out how you can add permission holders and assign individual permissions. Permission settings are transferred to the server when the application is published.
This setting automatically activates all other permissions.
Permissions holders are allowed to administrate the application in the Applications module.
Permissions holders have access to the application link and the starting page of the application.
The Administrators user group has full access to all pages and data groups of the application, as well as the application itself. This setting cannot be changed within the application permissions. Remove a permission holder from the Administrators user group if you do not want them to have the permission to administrate applications. The creator of an application always has permission to administrate the application. This permission will be given automatically to the creator of an application.
Allows you to provide access to individual pages of the application. If you select one or more pages on the left, you can determine the permissions for all of these pages on the right. All pages, which the user does not have permission for, will be automatically hidden from the application menu. Buttons that lead to an unpermitted page will not be shown in the browser.
Here you will define in which data group data can be read, added to, modified or deleted.
The data group permissions for Intrexx Share are controlled internally with Java classes and cannot be changed here.
This setting automatically marks all additional permissions.
Read data record
Permissions holders may read the data of an application.
Read data record (own)
Permissions holders may read existing data records they have saved.
Add data record
Permissions holders may add new data.
Change data record
Permissions holders may modify existing data records.
Change data record (own)
Permissions holders may modify existing data records they have saved.
Delete data record
Permissions holders may delete existing data records.
Delete data record (own)
Permissions holders may delete existing data records they have saved.
If a data group contains file data fields, the following permissions can be assigned here:
Full access (enables all permissions named below)
Read file (own)
Change file (own)
Delete file (own)
erteilt werden. To do so, select the corresponding file field in the application structure in the left-hand area of the dialog.
Apply permissions of the data group
If this setting is active, all permissions configured for the data group will be applied to all file fields contained in it. The permissions for data fields can only be set individually if this setting is not active.
If individual permissions are assigned to a single file field, a conflict check occurs. In the permissions table, the permissions will be highlighted in red if a conflict has been detected. A conflict occurs when permissions to a file field are assigned that, according to the data group, are not permitted. For example: A user may only read in the data group. If this user is given the Delete permission for a file field in the data group, a conflict occurs. The "Delete" permission will then be highlighted in red.
Select the search configurations, you would like to define the permissions for, on the left-hand side of the dialog.
Apply permissions of the data group
If this setting is activated, the permissions of the data group, which you have defined in the search configuration properties, will be used.
"Topics" are connected to WebSockets. They represent the object that WebSocket messages output/make available. A "consumer" can subscribe to a topic. A topic can be compared to a message channel that can be subscribed to.
You can grant the following permissions for topics:
If you select this option, the corresponding user is granted both the "Read topic" and "Write to topic" permissions.
With this permission, you can control which users should be able to see WebSocket messages in the browser.
Write to topic
This permission refers to the user of a process that contains a WebSocket action or a Groovy action with WebSocket functions. You can execute processes in a user context. The permissions of the respective user are relevant in this case. If the user does not have the "Write to topic" permission, then a WebSocket message will not be sent via the process and will also not appear in the browser.
More information about WebSockets is available here:
Click here for more information about how to add users.