Authorization System (Magic xpa 3.x)

« Go Back


Created ByKnowledge Migration User
Approval Process StatusPublished

Authorization System (Magic xpa 3.x)

The Authorization System enables developers and certain users to control access to Magic xpa projects in Studio modes. This control is achieved through setting access keys to various Magic xpa project elements, and by assigning specific rights to users and user groups.

Magic xpa includes a flexible authorization system to control what each user can and cannot do in Magic xpa. The authorization system lets the application developer or system supervisor limit access to various activities in Magic xpa to those users specifically authorized to have such access.

The authorization system exercises its control through sets of rights and the use of built-in Magic xpa functions. Rights can be thought of as keys to locks. Rights assignments connect users, who are classified by role, with the application’s components, which are classified by accessibility. This means that certain classes of users are allowed to access certain parts of an application.

The person in the role of Supervisor can assign rights that give each user access only to the activities for which that user is authorized. Any activity that is not specifically restricted by the Supervisor or the developer remains accessible to all users and does not require any rights assignment. To access the authorization system repositories, the developer must log on to the system as a user which has the SUPERVISOR GROUP assigned to the user. This group is reserved by Magic xpa, and is automatically included in any Magic xpa system. In addition, a user named Supervisor (which has this group assigned to is) is also automatically included in any Magic xpa system. Note that it is advisable to change this user name or give the user a password.

Defining a right is a three-stage process:

  1. Creating the right in the Rights Repository.

  2. Using the right with a particular Magic xpa activity.

  3. Associating the right with a particular user or group of users. See Assigning a Right to an Individual User.

Related Topics