Database permissions

In many cases, such as a process module, the database will only be accessed by the user who created the database node, and no permission setup is necessary.

In other cases, or if the web service API is required, you will need to set permissions on the data in the database. The database library provides a prototype permission manifest manager and roles to provide separate update and read only permission over the database. These permissions apply to the entire database. If you want something more granular, which distinguishes between permissions on different tables or different rows, you will have to create your own permission setup, for example using additional tags and additional permission manifest manager rules.

The permission manifest manager prototype is entirely conventional. To use it:

  • Create an instance of the Permission Manifest Manager type and use bindings to locate it using binding reference "permissionManifestManager".
  • Create separate user groups for database update and read only access, using the User Group or a different type user group wrapper node. Locate these using the usersDatabaseUpdate and usersDatabaseReadOnly bindings.
  • The users in the update group will now have update access, and those in the read only group will have read only access.