Best practices for handling conditional visibility with multiple user roles?
What is the best approach for handling conditional visibility and access if the user has more than one role assigned? Currently: There is a page with buttons, some users should be able to click them, others should see them as greyed out and disabled. In order to implement it, I created 2 versions for each button (active and disabled), and show one or another based on the user role. New solution: Now, if the user has 2 or more roles, it would lead to the problem when he will see both active and disabled versions of the same button. In order to solve this, I’m going to create a complex microflow, that would be called when the page is opened, and this microflow will go through the list of assigned user roles. Conditional visibility will not depend on roles directly anymore, instead, it will depend on the booleans, and the microflow will decide which boolean is true, depending on which roles the user has. The problem with this new approach is that all the logic for conditional visibility is hardcoded, while in the future admin should be able to dynamically change access/visibility rules for the roles through the interface. So is there any better solution? UPD One more idea, would be interested in your opinion. I will change the user role entity itself, including the boolean attributes there. Then the user will be able to change which user role has access to what through the interface by changing the bool values. And the conditional visibility will not check which roles does the user has, instead it will only check the booleans of the roles assigned to him.
Best practice would be to create a new userrole for your combination of two user roles – e.g. if they currently have User and Admin, create a role specifically for users who have both roles.
If that is not an option, you could work with containers in containers that have certain user roles specified for visibility. It would make for a very ugly page in the modeler, but it should work. Something like:
1 container visible to user → inside it, one container that's only visible if you're not an admin
1 container visible to admin → inside it, another container that's only visible if you're not a user
1 container visible to admin → inside it, another container that's only visible if you are a user