Intrexx provides multi-level permissions to manage which users have access to certain applications, pages, datagroups, files or search-configurations. In this post I want to show you what this means and give you hints on how to use the permission module.
In Intrexx you can grant permissions to every unit in your user-module. This may be single users, groups or any other type of element you find in the user-module. Since I really don’t recommend to grant permissions to single users I’ll skip that part and focus on groups.
Levels of permission
You have to set the permissions for every single application in your portal. Application permissions in Intrexx work on several levels.
The first level is to grant access to the application in general. You can define if the user is able to access the application in the browser, or if he is even allowed to modify the application with the portal-manager.
The second level is to grant access to certain pages. Here you can define if a user can access the page or not.
The third level is to grant access to datagroups. This level offers a few more options as the ones before.
So obviously Intrexx has the possibility to tell who the owner of a single record is.
There are two additional level which aren’t really important for now.
Effects of permission
So how will you know you don’t have access to something?
It’s pretty simple actually:
- If you don’t have the permission to access a page, any links that target this page will be hidden in the browser.
- If you don’t have the permission to Create, Change or Delete a record, the corresponding button will be hidden.
- If you don’t have the permission to read one or multiple records, these records won’t be shown in tables or lists.
For setting up permissions to an application, you first have to define how many different groups are using the application. Usually you have at least two groups for one application: Admins and Users. For this you can either use the two groups Administrators and Users which Intrexx delivers by default or – what I recommend – define and create your own groups that are specific to this application.
You can create new groups in the users-module by navigating to the container you want the group created in and right-clicking into the view-area that shows the content of this container and select “New->New group”.
Use the new Groups
After you created the groups, head back to the application and open the properties-dialog of the application. Select the permissions-tab and start adding the new groups for application, pages and datagroups.
Usually admins have full-access to everything. Depending on the application, other users may only be able to see their own records.
This means add both, the admin-group and the user-group to each, application, pages and datagroup.
To let the users only be able to add, view, edit and delete their own records, just uncheck the other checkboxes. To make this construct work you also need to define who the owner of a record is. You can do this in the properties dialog of the datagroup. Select an Integer data-field that represents the user-id of the record-owner.
Finally publish the application and test the changes by logging in as users with the two different memberships.