How to grant and revoke granular permissions
How can I give end-users the ability to assign fine-grained permissions?
For example: I want to implement permissions to View, Print, Edit and Delete and I want these roles to be granted and revoked by certain end-users of the Application and not the development team.
Answer
To give end-users the ability to grant and revoke fine-grained permissions follow these steps:
-
Create a role for each granular permission in a Module of your Application.
-
Use the role functions to restrict or allow access on your screens and logic:
- CheckViewRole()
- CheckPrintRole()
- CheckEditRole()
- CheckDeleteRole()
-
Create a back-office screen and use the related role actions to manage the permissions:
- GrantViewRole(), RevokeViewRole()
- GrantPrintRole(), RevokePrintRole()
- GrantEditRole(), RevokeEditRole()
- GrantDeleteRole(), RevokeDeleteRole()