I have a need to control what is seen and used in the UI but it is not necessarily based on the User but based on some data.
To explain. User A can access the system and do pretty much anything. User A is looking at data for Client Z. Client Z has 2 orders O1 and O2. O1 due to they type of order requires a lot of detail. O2 which is a different type of order needs less data and some of the fields should not be visible at all.
I guess what I’m thinking is Roles for Screens but Dynamically Applying a Role based on data in the screen.
Looking at the Roles in CUBA Administration this would appear to be exactly the kind of features I would like to control. It would be fantastic if I could setup a Hierarchy of Roles to control the UI as I need and then when my User A goes to view O2 I could apply the Role relating to that type of order to User A then User A would not see certain parts of the UI.
I know I could easily code up this example and ignore Roles but in my case the UI control is very complicated and sliced and diced at many levels. Roles seems like a good fit.
If the adding of a Role Dynamically and I guess removing a Role is possible I’m thinking it needs to be applied in a restrictive way as Cuba currently does an OR for permissions though with some structuring I could possibly work around that by using only roles that deny access.
So I’m hoping someone will tell me this is possible.
[UPDATE]
It looks like the UI Permissions are set in WindowCreationHelper.applyUiPermissions
I’m thinking if I put my own version of WindowCreationHelper
in my project then call applyUiPermissions()
in the screen’s postInit()
this seems to do as it should.
If I load the correct Role and do what is needed to the permissions then I could pass this in to my version of applyUiPermissions()
This might actually get around what is in the User Permissions and what is setup in my Screen Role would be applied as it is applied independently to the User Permissions.
Is this idea a bad one?