Manage Roles

Print Friendly, PDF & Email

◷ Reading Time: 3 minutes

In FlexRule Server, a role is a grouping of actions and their access permissions. Roles can be assigned to actors (i.e. Application or User) which then allows or disallows that actor to interact with the server.

Access to an Action can be defined as:

  • Unspecified: which means the access has not defined for an Action
  • Allow: enables an actor to use an Action
  • Deny: disallow an actor to use an Action

Access Result

When an Actor has multiple Roles associated with, the Access on different Actions can overlap and the result of final Access will be derived with below Access table:

Access 1Access 2Final Result
Deny
Deny
Deny
Deny
AllowAllow
AllowAllow
AllowAllow
AllowAllow
AllowDenyDeny
AllowDenyDeny
AllowDenyDeny
AllowDenyDeny
AllowAllow
AllowAllow
AllowAllow
AllowAllow
DenyAllowDeny
DenyAllowDeny
DenyAllowDeny
DenyAllowDeny
DenyDenyDeny
DenyDenyDeny
DenyDenyDeny
DenyDenyDeny

** Empty cell is an unspecified Access, it’s neither Allow nor Deny.

New Role

Creating a new Role requires two set of information:

  1. General
  2. Actions

General

General information allows you to assign a Name to the Role.

Actions

Actions section allows you to define what Action has what Access setting in this new Role:

In the first column of table, Access can be defined as:

  • Empty: Access it not specified.
  • Allow: Allows access for a specific action.
  • Deny: Disallows access for a specific action.
Updated on August 9, 2019

Was this article helpful?

Related Articles