User and Role Identification
Determine the logged-in user and their role
The current user is one of the distinguishing parameters that every application must be aware of. In IndustryApps, the current user is only an identifier, let's say userId. The userId is associated with a company identified by companyId. Both these attributes combine to provide uniqueness to a request.
Every user has roles that are associated with your application. Suppose you are bringing an application for warehouse handling, let's say Purchase Order Calendar, and your application has the following rights: VIEW_PO_CALENDAR, ADD_PO_CALENDAR and UPDATE_PO_CALENDAR. To identify a user you only need the userId, companyId, and a list of rights.
While registering your application with the IndustryApps platform you can add all the rights corresponding to your application. We assign these rights to some users and allow them to visit your application with limited rights.
Now let's describe this with the example of the Purchase Order Calendar. The application should be implemented in such a way that if the current user's rights are [VIEW_PO_CALENDAR], you allow him to VIEW the Purchase Order Calendar but not to EDIT it, and if the rights contain [VIEW_PO_CALENDAR, ADD_PO_CALENDAR], you allow him to VIEW and ADD to the Purchase Order Calendar.
We follow the practice of making the application stateless. We pass the details that identify the user with each request. You can get the current user responsible for the request from the platform API.
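One way to enforce the rights described above on every request, as an added example that is not IndustryApps code. The names CurrentUser, parse_current_user, is_allowed and ACTION_RIGHTS are hypothetical, and both the payload layout and the per-company scoping of records are assumptions, since this page does not show the platform API response.

```python
from dataclasses import dataclass

# Hypothetical mapping from application actions to rights named on this page.
# Any action that is not listed here is denied.
ACTION_RIGHTS = {
    "view": "VIEW_PO_CALENDAR",
    "add": "ADD_PO_CALENDAR",
}


@dataclass(frozen=True)
class CurrentUser:
    user_id: str
    company_id: str
    rights: frozenset


def parse_current_user(payload: dict) -> CurrentUser:
    """Build the per-request identity; reject payloads missing any of the three fields."""
    user_id = payload.get("userId")
    company_id = payload.get("companyId")
    rights = payload.get("rights")
    if not isinstance(user_id, str) or not user_id:
        raise ValueError("userId missing")
    if not isinstance(company_id, str) or not company_id:
        raise ValueError("companyId missing")
    if not isinstance(rights, list) or not all(isinstance(r, str) for r in rights):
        raise ValueError("rights must be a list of strings")
    return CurrentUser(user_id, company_id, frozenset(rights))


def is_allowed(user: CurrentUser, action: str, record_company_id: str) -> bool:
    """Default deny: unknown actions, missing rights and other companies' records fail."""
    required = ACTION_RIGHTS.get(action)
    if required is None:
        return False
    # Assumption: each record belongs to one company, matched against companyId.
    if record_company_id != user.company_id:
        return False
    return required in user.rights


# Constructed sample payloads (assumed layout, not the platform's documented schema).
VIEWER = parse_current_user(
    {"userId": "u-1", "companyId": "c-1", "rights": ["VIEW_PO_CALENDAR"]}
)
EDITOR = parse_current_user(
    {"userId": "u-2", "companyId": "c-1", "rights": ["VIEW_PO_CALENDAR", "ADD_PO_CALENDAR"]}
)
```

Because the application is stateless, the identity is rebuilt from the request each time and is_allowed is called before every operation, rather than caching a decision in a session.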