Create multiple profiles with a set UserRoles for one user object
Hi all, I have some trouble with the security, associated to the user object in Mx. What I would like to build is as following: 1 user (only 1 system.UserRole = user) can have * profiles Each profile can have a set of system.UserRoles (like 'editor', 'verifier', 'authorizer'). Each profile is connected to one company object. Each profile than defines what a user can or can't do within a company object. This is the same logic as used in sprintr where one user can have multiple projects and for every project another role. Does anyone know if this is possible with using system.UserRole? If not, is it than secure enough to build this logic via datasouorce microflows, conditional formats etc.? Thanks!
Based on the profiles available for a user you can set userroles for a user. But those userroles apply to the user object. You probably need a combination with entity access over the customer > profile > user association in combination with a userrole.
a user with Profile CompanyEditor connected to Company A will have the Editor role. But that Editor role should only be applied when accessing data for Company A. You will need entity access to do so. The user should be granted read/write access when the object associated to the customer has a profile CompanyEditor associated to his/her user object. Otherwise the user should be granted read access (or another type of access if other profiles are used)