This guide will show you how to create different application roles (permissions) and user roles (groups) and assign them to new users. Additionally, you will learn what is pre-defined in the ORIGAM default settings.
[!success]- Prerequisites for further work
To follow along, there are four basic prerequisites you must meet:
- Have a running database server
- Have a running ORIGAM Server
- Have a project created in ORIGAM Architect
- Have a running client application in your browser
Once you have all of these set up, log into the client application using the username and password you created during your project setup.
Default Users, Roles, and Settings
When you create a new project in ORIGAM, it comes with some predefined settings and content. Navigate to the main menu and go to Settings / Users & Security / Users to take a look at the predefined users, user roles, and application roles.
In a new project, there are three system users and your first user with the Super User role, often referred to as the administrator:
There is also a set of predefined application roles. Most of these are related to the items in the main menu under Settings:
For instance, the application role named FRM_Users is assigned to the form (FRM) containing the user list, appropriately called Users.
By default, the Super User role has all the existing application roles assigned:
These are the default settings you receive when starting a new project. Now let’s move on to adding our own content.
Creating new Roles
To create a new application role (also referred to as a “permission”), simply use the plus or duplicate icon found in both the list and detail forms, and fill in at least the Name and Description:
We recommend using our naming convention, such as the FRM_ prefix for forms. Save your changes.
Next, you can create a new User role, sometimes called a “group” in other systems, and assign the desired Application roles to it:
For example, we created a new User role named Standard User and assigned only one Application role to it: FRM_UserProfile. Users with this role will only have access to the My User Profile form, where they can edit their own profile. This is the only item from the Settings menu that they will be able to access.
Save your changes.
Creating new Users
To add new users, navigate to the Add User form in the main menu:
Here, fill in all the required fields, choose a password with at least 6 characters (this default setup can be changed), and select at least one User role to assign to the user.
Save your changes to create the new user.
Using Roles
Now that you know how to create and manage roles and users, let’s explore how to utilize them in designing a client application. This mainly applies to defining the user menu and workflow buttons.
Here, we focus on the Menu items used in the user menu.
First, create a new item in the Menu, a new Screen Reference:
Next, in the details of your Screen Reference, you’ll see a field named Roles. This field is used to grant access to the screen for specific users:
Here, you can insert all the application roles, separated by semicolons. If a user is not assigned to one of the listed roles, they will not be able to see the item or its sub-items. To grant access to all users, enter a star (*) as the only role.