In OutSystems you grant IT users permissions by assigning them roles. Below you can find the list of permission levels a role can have:
- No Access: the IT user does not have access to the environment. You can't grant application-specific permissions to users that have this permission level;
- List Applications: the user can see information about the application like its version;
- Reuse and Monitor Applications: the user can open, debug, and reuse functionality exposed by this application. The user can also monitor the application and environment performance, and monitor the business processes that are running;
- Change and Deploy Applications: the user has all the permissions for reusing and monitoring applications, but can also create, debug, change, and deploy them. The Applications screen of Service Studio only displays the applications for which the user has this permission level or higher;
- Full Control:
- If the user is assigned with a role with this permission level for a specific application, she has permissions to change and deploy that application;
- If the user is assigned a default role with this permission level, she can manage the environment settings like the date format, and external database catalogs and connections. She can also manage the front-end servers for this environment, zones, email and certificate settings, OutSystems licensing, and see auditing information of the changes made to the infrastructure.
To be able to manage external database catalogs and add external entities to an extension the user must have the permission Reuse and Monitor Applications at the environment level, even if the user has the permission Change and Deploy Applications for the application that contains the extension module.
A role also specifies two infrastructure-wide permissions:
- Manage Teams and Application Roles: the user can add and remove users from teams, and define the role they have in those teams;
- Manage Infrastructure and Users: The user has permissions to manage the infrastructure, like adding or removing environments. This permission level also allows creating and managing all users permissions, and accessing the audit logs.