- Dynamic Authorisation:
- Role ID and Action ID values can be dynamically changed by selecting them from a list.
- Multiple record updates can be made in a loop.
- Conditional Authorisation Records:
- Access control can be provided with If Then Else based on a condition such as the user's role or user type.
- Bulk Permission Updates:
- Access can be granted to the same role for multiple actions. For example, access permission can be defined for both the ‘Reports’ and ‘Statistics’ screens at the same time.
Technical Risks and Controls
- Invalid Role ID: If the role is not defined in the system, access rights cannot be defined.
- Missing Permission List: If the Action ID is entered incorrectly, the relevant screen or component will not be affected.
- Incorrect Authorisation: If the Is Authorised value is assigned incorrectly, the user may be granted unwanted access.
- Unauthorised Action Use: The user defining the action must be authorised.
Save Role Access is a powerful tool for enhancing application security and customising the user experience based on roles. It permanently stores role-specific access definitions in the system and lays the foundation for flexible authorisation structures. It is an indispensable action for access control, especially in enterprise applications.
