User Roles in a Web Application

In a web application, defining user roles is crucial to ensure that different users have access to the appropriate resources and functionalities based on their level of authorization. Here we provide an overview of the common user roles and the various permissions and functionalities associated with each one.

Understanding these roles will help in effective user management and data protection within the application:

  1. Administrator

    Administrators hold the highest level of control within the application, with full access to all data and settings.

    1. System Management

      1. User Account Management

        1. Creating user accounts
        2. Editing user profiles
        3. Deactivating accounts

      2. Access Control

        1. Assigning roles
        2. Defining permissions
        3. Monitoring access logs

      3. Database Administration

        1. Backing up database
        2. Restoring data
        3. Managing database schema
      4. Application Settings

        1. Configuring system settings
        2. Customizing user interface
        3. Managing plugins and extensions
    2. Security Oversight

      1. Threat Assessment

        1. Identifying potential risks
        2. Implementing security protocols
        3. Conducting regular audits
      2. Incident Response

        1. Tracking security incidents
        2. Resolving security breaches
        3. Reporting incidents
      3. Policy Enforcement

        1. Setting security policies
        2. Enforcing compliance
        3. Training staff
      4. Data Protection

        1. Encrypting sensitive data
        2. Monitoring data access
        3. Ensuring data integrity

Hello again,

Thanks for providing good answers to 1) how a document type is created and 2) the permissions for it are assigned.

As for 3) how to restrict the document type to specific customer types (in this example, business), the team has created the following solution:

  1. Add a new parameter “CUSTOMER_RESTRICTION” to the document type:

        {
          "area": "CUSTOMER_ATTACHMENT_TYPES",
          "name": "POWER_OF_ATTORNEY",
          "displayName": "Power of Attorney",
          "displayOrder": xxxxxxxxx,
          "description": "Power of Attorney",
          "active": true,
          "parameters": {
            "CUSTOMER_RESTRICTION": {
              "name": "CUSTOMER_RESTRICTION",
              "characterValue": "RESIDENTIAL"
            }
          }
        }

  2. In the UI integration:

    1. Take over template ui.view.modal.document.add.ftl to your customizations and replace the select for the document types with your own component and controller.

      1. Example for the document type selection:

            <select r6-form-element
                    r6-label="{{ 'i18n.view.modal.document.documentType.ftl' | r6Translate }}"
                    name="documentTypeIndex"
                    ng-model="$ctrl.documentType"
                    ng-options="type.name as type.displayName for type in $ctrl.customerAttachmentTypes | orderBy:'displayOrder'"
                    required>
            </select>

      2. Examples from the document type selection controller:

        1. If there is a customer type restriction on a document type, the controller will add it to the dropdown for the document type selection only on the respective customer types.

            // from the custom document type selection controller

            $onInit() {
              this.shoppingCart = this.r6ShoppingCart.getSelectedShoppingCart();
              // keep only the document types available for the current customer type
              this.customerAttachmentTypes = this.documentTypes.filter(option => this.isAvailableForCustomerType(option));
            }

            private isAvailableForCustomerType(lookupOption): boolean {
              const parameter = LookupOptionsService.getParameter(lookupOption, LookupOptionsConstants.PARAMETER_KEY_CUSTOMER_RESTRICTION);
              // no restriction parameter: the type is available to every customer type
              return !parameter
                || (parameter === this.shoppingCart.customer.personalDetails.customerTypeKey);
            }


            // from class LookupOptionsService

            // Returns the parameter's characterValue, otherwise its numericValue;
            // undefined if neither holds a truthy value.
            public static getParameter(lookupOption, parameter) {
              if (lookupOption
                  && lookupOption.parameters
                  && lookupOption.parameters[parameter]
                  && (lookupOption.parameters[parameter].characterValue
                      || lookupOption.parameters[parameter].numericValue)) {

                return lookupOption.parameters[parameter].characterValue ?
                  lookupOption.parameters[parameter].characterValue : lookupOption.parameters[parameter].numericValue;

              }
              return undefined;
            }
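
The controller above decides which document types the dropdown offers. The same rule can be re-checked where the attachment request is handled, so that a type name submitted outside the dropdown is still rejected. This is an added example, not code from the original post or from the product. It assumes the lookup option shape shown in the JSON above. The names `LookupOption`, `checkAttachmentType` and `SAMPLE_TYPES`, the `ID_COPY` and `OLD_FORM` entries and the `BUSINESS` customer type key are hypothetical, constructed values.

```typescript
// Added example: server-side re-check of the CUSTOMER_RESTRICTION parameter.
// All names and sample entries below are hypothetical, not the product's API.

interface LookupParameter { name: string; characterValue?: string; numericValue?: number; }
interface LookupOption {
  area: string;
  name: string;
  active: boolean;
  parameters?: { [key: string]: LookupParameter };
}
interface Decision { allowed: boolean; reason: string; }

const ATTACHMENT_AREA = "CUSTOMER_ATTACHMENT_TYPES";
const RESTRICTION_KEY = "CUSTOMER_RESTRICTION";

// Constructed sample data mirroring the JSON in the post.
const SAMPLE_TYPES: LookupOption[] = [
  { area: ATTACHMENT_AREA, name: "POWER_OF_ATTORNEY", active: true,
    parameters: { CUSTOMER_RESTRICTION: { name: RESTRICTION_KEY, characterValue: "RESIDENTIAL" } } },
  { area: ATTACHMENT_AREA, name: "ID_COPY", active: true },   // unrestricted
  { area: ATTACHMENT_AREA, name: "OLD_FORM", active: false }, // deactivated
];

// Decide from server-held data whether a submitted document type name is acceptable.
// customerTypeKey must be read from the server-side customer record, never from
// the request body, otherwise the caller chooses its own customer type.
function checkAttachmentType(types: LookupOption[], requestedName: string, customerTypeKey: string): Decision {
  let option: LookupOption | undefined;
  for (const t of types) {
    if (t.area === ATTACHMENT_AREA && t.name === requestedName) { option = t; break; }
  }
  if (!option) return { allowed: false, reason: "unknown document type" };
  if (!option.active) return { allowed: false, reason: "inactive document type" };

  // Same semantics as the UI filter: no restriction means available to everyone.
  const restriction = option.parameters?.[RESTRICTION_KEY]?.characterValue;
  if (restriction !== undefined && restriction !== customerTypeKey) {
    return { allowed: false, reason: "document type not available for this customer type" };
  }
  return { allowed: true, reason: "ok" };
}
```

Logging the denied decisions together with the requesting user gives a record of attempts to submit a document type that the dropdown would not have offered.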

 

