In my previous posts I wrote how to create developer-defined security roles and how to secure data table access for a security role. Ultimately when a client application makes API requests, the security evolves around users, since it is a user who authenticates himself against the system. A user may have roles assigned to him or her and in that case any permissions granted (or denied) to a role would be applicable to the user as well. In this article I will review how to assign roles to users using Backendless console. Keep in mind that these assignments can also be done using API and I will be writing another article in this series on that feature as well.
The instructions below assume you already have some users registered for your app or created using console. Also, you need to have at least one custom security role. To assign roles to users:
- Login to Backendless console, select an app and click the Data icon.
- The Users table should be selected by default. Click the checkboxes for each user object for which you would like to assign roles.
- Click the User Roles button in the button toolbar.
- Console displays the User Role Management popup. Using the popup you can assign available custom roles to the selected users. Click the checkboxes for the roles to assign and click the Save button.
The same User Role Management popup can be used to edit role to user assignments. The dialog is smart enough to handle multiple user selection and will properly display conflicting assignments using the three-state checkbox.