Customer Scoped Roles
Skyve version 20180212
added the ability to define customer scoped roles. While Groups and Roles allow user permissions to be managed at the module level, some applications have permissions which span multiple modules and the permissions need a way to be linked to function correctly (e.g. a user may have incomplete access to application features if module permissions were not correctly applied to their account). To address this, a customer scoped role can be defined in the customer.xml which allows roles to be aggregated together into something coherent and cross module.
<roles allowModuleRoles="true">
<!-- External Access Roles -->
<role name="External Basic">
<description>Basic role for all external users</description>
<roles>
<role module="admin" name="BasicUser"/>
<role module="admin" name="AppUser"/>
<role module="module1" name="ExternalBasic"/>
<role module="module2" name="ExternalBasic"/>
</roles>
</role>
</roles>
The allowModuleRoles
property controls whether the module roles show up in the admin User Interface or not.
Full documentation is available in the Skyve Cookbook.
If you have any questions, feel free to reach out to us via Slack, email, or Google Groups.