How to configure role-based access in OutSystems so certain screens are visible only to specific roles?

Configuring Role-Based Access in OutSystems to Restrict Screen Access

Role-based access control (RBAC) in OutSystems allows you to define permissions at a granular level, ensuring that specific screens or functionalities are only accessible to users with certain roles. This guide provides a comprehensive step-by-step explanation for configuring RBAC in OutSystems to manage screen visibility based on user roles efficiently.

Prerequisites

• Access to an OutSystems account and a basic understanding of its architecture.
• A project/application set up in OutSystems for which you want to configure role-based access.
• Understanding of the different roles required for your application (e.g., Admin, User, Viewer).

Understanding Roles and Permissions in OutSystems

• Roles in OutSystems are used to define user access levels and control permissions for application components.
• By associating screens or actions with roles, you can dictate which users can access specific parts of your application.
• Roles can be assigned either manually through user management or via automated processes in your workflow.

Defining Roles in OutSystems

• Navigate to the "Data" tab in Service Studio under your application module.
• Under "Entities," find and select the "User" entity to manage roles.
• Create new roles if necessary by right-clicking on the "Roles" section under "Data" and selecting "Add Role."
• Name the role appropriately based on the access it will control (e.g., Admin, Editor, Viewer).

AssigningRoles to Users

• Access your application’s environment management screen, usually found in the OutSystems Users application or LifeTime portal.
• Navigate to the "Users" section to manage user accounts and roles.
• Select a user and assign the newly created role by editing their account details.
• Repeat this process for every user and role combination as per your requirements.

Implementing Role-Based Screen Access

• Open the screen for which you want to set role-based access control in your application module.
• In the properties panel of the screen, locate the "Roles" section.
• Use the "Add/Remove" button to specify the roles that should have access to this screen.
• If you want multiple roles to access a screen, you can select them accordingly.
• Once configured, this screen will be visible only to users with the specified roles upon application execution.

Controlling Logic Based on Roles

• Inside your screen logic, utilize conditional statements to further customize features based on user roles.
• Utilize the built-in function Check to determine if the current user has a specific role.
• Example usage:

  <pre>
  If (Check<Role>("RoleName")) {
    // Execute actions allowed for this role
  } else {
    // Optionally handle restricted access
  }
  </pre>
  

• Incorporate these conditions in screen actions, buttons, or data sources as needed.

Testing Role-Based Access

• Use the testing environment in OutSystems to ensure role-based access is working as expected.
• Log in with different user accounts assigned with various roles and verify screen visibility and functionality.
• Ensure that users without the necessary roles do not have access to restricted screens.

Deploying the Application with Role-Based Access

• Once tests confirm that roles are configured correctly, proceed to deploy your application to the desired environment.
• Utilize OutSystems' deployment tools to move your application with role configurations to production.
• Continuously monitor and manage roles and permissions as user requirements evolve.

By following these detailed steps, you can efficiently implement role-based access control in your OutSystems application, enhancing security and managing the user experience based on permissions systematically.