An application role configuration contains all the information necessary to appropriately configure an application for a particular user role. Application roles can control access to a single or multiple applications.
Note: Application roles are available through the object API and so can be used directly by the UI application developer.
The Application role configuration must contain information such as:
- Role name
- Role description
- Locations of applications/components and their related configuration files
Roles are defined in the role configuration file (roleName.rol.json). For example,
admin.rol.json:
{
"name": "admin",
"description": "administrator role",
"applications": {
"/apps/workViews": {
"name": "workViews",
"accessLevel": "admin"
},
"/apps/processViews": {
"name": "processViews",
"accessLevel": "user"
}
}
}
The
rolename.rol.json file contains the following types of information.
| Key
|
Description
|
Additional Notes
|
| name
|
Role name
|
The role configuration file has the name
Role-Name.rol.json.
Note: We recommend naming the file to match the role.
Note: If two different files have the same role, the filename can be different to the role. For example, you can have
rolea.rol.json and
roleb.rol.json (both containing the admin role). When this is processed, the second copy of admin is ignored and you will get a warning. When deleting, if the first admin role is deleted, the second admin role is processed and displayed, so it can appear that the role was not deleted.
|
| description
|
Description of the role
|
|
| applications
|
List of applications
|
List of applications that the user belonging to this role can see.
|
| /apps/appViews
|
Location of the application
|
Location of the application that is deployed into the Application Development platform.
|
| "name": "workViews"
|
Name of the application
|
|
| "accessLevel": "admin"
|
Name of the configuration (customization) for the above mentioned application
|
Customized configuration file will be resolved using
app-name_accessLevel.rac.json.
In the above example:
workViews_admin.rac.json.
|
The configuration of an application role consists of a list of qualifying organizational entities (groups and positions) that are maintained with the application role. If a user is a member of any of these organization entities then they qualify for the application role. Each user can be associated with a number of roles based on a mapping. See
Mapping a Role to an Organization Entity and
Mapping Roles to Applications.
Roles can be deployed into the Application Development platform using the standard zip archive (the name of the archive should have the suffix
.role, for example,
adminrole.role.zip.). See
Uploading a Role.
Copyright © Cloud Software Group, Inc. All rights reserved.
