Manage Roles

◷ Reading Time: 3 minutes

In FlexRule Server, a role is a grouping of actions and their access permissions. Roles can be assigned to actors (i.e. Application or User) which then allows or disallows that actor to interact with the server.

Access to an Action can be defined as:

  • Unspecified: this means the access has not been defined for an Action
  • Allow: enables an actor to use an Action
  • Deny: disallow an actor to use an Action

Access Result

When an Actor has multiple Roles associated, the Access on different Actions can overlap and the result of the final Access will be derived from the below Access table:

Access 1Access 2Final Result
Deny
Deny
Deny
Deny
AllowAllow
AllowAllow
AllowAllow
AllowAllow
AllowDenyDeny
AllowDenyDeny
AllowDenyDeny
AllowDenyDeny
AllowAllow
AllowAllow
AllowAllow
AllowAllow
DenyAllowDeny
DenyAllowDeny
DenyAllowDeny
DenyAllowDeny
DenyDenyDeny
DenyDenyDeny
DenyDenyDeny
DenyDenyDeny

** Empty cell is an unspecified Access, it’s neither Allow nor Deny.

New Role

Creating a new Role requires two sets of information:

  1. General
  2. Actions

General

General information allows you to assign a Name to the Role.

Actions

The actions section allows you to define what Action has what Access setting in this new Role:

In the first column of the table, Access can be defined as:

  • Empty: Access it not specified.
  • Allow: Allows access for a specific action.
  • Deny: Disallows access for a specific action.
Updated on May 11, 2022

Was this article helpful?

Related Articles