Community Tip - You can Bookmark boards, posts or articles that you'd like to access again easily! X
Hi everyone,
This topic has been discussed before, but we still haven't seen a good solution. When we remove the Users (group) from the composerUsers group, all the Users other than our administrator users no longer have rights within our application. When we follow the case CS341872 then we must assign the rights separately for each Mashup, Can this be done in an easier way? or through a global solution? Other question: will there be a secure by design solution in a next release, so that this is no longer necessary.
Best regards,
Emiel
Solved! Go to Solution.
Thanks for your reply,
I had to use Mashups["Mashup"].AddDesignTimePermission to give permission for all Mashups.
And many services required me to give permission, especially InfotableFunstions and Currentsession.
Also give permission to theme styles and so on.
What is strange is that when I give design rights to the service SetCurrentUserLangueage (can be found under CurrentSession) the rights for Composer are partly returned to the user.
We still need to test the entire application regression to see if everything still functions correctly now.
It remains strange that it is not Secure by design from the basics and we have to convert everything like that.
Best regards,
Emiel
You can just do it based on collection permissions mostly.
There are a few that need some specific permissions, like the
GetAllStyleDefinitions etc.
But you can give collection to anything Mashup/Master in general as well as you'll need design time read on datashapes most likely.
Thanks for your reply,
I had to use Mashups["Mashup"].AddDesignTimePermission to give permission for all Mashups.
And many services required me to give permission, especially InfotableFunstions and Currentsession.
Also give permission to theme styles and so on.
What is strange is that when I give design rights to the service SetCurrentUserLangueage (can be found under CurrentSession) the rights for Composer are partly returned to the user.
We still need to test the entire application regression to see if everything still functions correctly now.
It remains strange that it is not Secure by design from the basics and we have to convert everything like that.
Best regards,
Emiel