Configuring Roles & Privilege
Roles: Defining User Profiles
Understanding Roles
Roles are essential in defining distinct user profiles within Qodly. Each role corresponds to a specific set of privileges, and access levels (Permissions).
Role Hierarchy
Roles can be structured hierarchically, allowing for an organized and layered access control system. In Qodly, higher-level roles can inherit the privileges of lower-level roles, creating an efficient method of managing user access. This hierarchy enhances the granularity of access management and facilitates a streamlined approach.
Adding Roles
To add a role:
- Open the
ExplorerPanel. - Navigate to the
Roles and Privilegessection. - Click on the
Rolestab to access role management. - To create a new role, click on the
Add new rolecard.
In a back-office travel agency solution, you might create roles such as:
| Roles | Description |
|---|---|
| Agent | Reserves and customizes travel packages for clients. |
| Content Manager | Manages website content, including creating and updating travel packages. |
| Sales Manager | Manages customer bookings, views sales reports, and generates invoices. |
Privileges: Enabling Controlled Access
Understanding Privileges
Privileges define the specific permissions that users of different roles can perform. By assigning privileges to roles, you determine the extent of a user's access to data and functionalities.
Adding Privileges
To add a privilege:
- Open the
ExplorerPanel. - Navigate to the
Roles and Privilegessection. - Click on the
Privilegestab to access privileges management. - Click on the
+button to create a new privilege.
In a back-office travel agency solution, you might create privileges such as:
| Privileges | Description |
|---|---|
| ManageReports | Access to sales reports and statistical data. |
| ManageBookings | Manage customer bookings, verify reservations, and generate invoices. |
| ManageContent | Access and manage the travel agency's online content. |
Interplay Between Roles and Privileges
Achieving the optimal synchronization of roles and privileges ensures seamless task execution for users while maintaining robust data security.
To assign one or multiple privileges to a role:
- Navigate to the
Rolestab within theRoles and Privilegessection. - Select the desired role (e.g.,
Sales Manager). - Locate the privileges side section on the far right.
- In this section, you'll find a comprehensive list of available privileges.
- To assign a privilege, click the
+icon. - To remove a privilege, simply click the
-icon.
For instance, a Sales Manager role might possess privileges like ManageBookings and ViewReports, granting them the ability to analyze booking trends and monitor revenue for informed decision-making. Similarly, a Content Manager role could receive the privilege ManageContent.
Assigning Roles
Through the Qodly Management Console of your application, you can assign roles to users across various environments—development, staging, or production—each with its own configuration.
Roles configured in the development environment may differ from those in production. It's essential to manage roles appropriately in each environment to ensure consistent access control.
To assign a role to a user in the development environment:
- Go to the
Teamstab to see a list of available users, each linked to their respective roles. - Click the
Add Userbutton in the upper-right corner to add a new user. - Complete the form that appears with the necessary user data.
- Find a dropdown menu labeled
Profiletowards the end of the form, displaying roles added from Qodly Studio under theRoles and Privilegessection. - Select and assign the appropriate role to the new user from the list, providing specific privileges associated with that role.
Retrieving Current Session Information
You can retrieve user information in the current session using the cs.Qodly.Users class. This allows you to access essential user details, such as their email, role, first name, and last name.
Here's how you can retrieve and store user data for session-wide access:
exposed Function loadSessionUserInfo()
var userCS : cs.Qodly.Users
userCS = cs.Qodly.Users.new()
use(session.storage)
session.storage.currentUser = userCS.getCurrentUser()
end
For more detailed information, refer to the Sessions and Users sections.
Roles and privileges JSON Representation
In Qodly Studio, roles and privileges have a JSON representation that can be useful for troubleshooting or copying selected parts.
Roles and privileges in the Explorer and choosing Open With a Text Editor.
This allows you to view, copy, or edit the JSON representation.
Exercise caution when editing the JSON representation. The syntax checker does not validate whether attribute names match the expected ones or if there are issues with attribute names. Always ensure you have a backup before making changes.