How to manage users and groups
From Wiki
Contents |
Introduction
When a Web application modeled with WebRatio has some protected modules (site views, areas, pages), you have to set which users groups can access these modules and to assign users to groups. WebRatio does not provide a built in model to manage the "user model" but you can model an area in the administration site view to achieve this goal. The "user model" is a portion of the data model of your project and usually it looks like in the following image. It is automatically added by the tool when you create a new Web project.
In order to manage users, groups and protected modules you can model just two pages. One page is used to manage groups, which means the administrator can create new groups, modify or delete an existing group and connect groups to protected modules. Remember that a connection between a group an a module means that all the users belonging to that specific group have access to that specific module. The other page is used to manage users, which means creating new users, modyfing existing users, deleting users and connecting users to groups. Let's see how these two pages can be modeled.
The "Groups Management" page
The first thing you need in a page that manages groups is the groups list. You can use an Index or a Power Index Unit to show this list. The choice between the two units depends on how many groups you think the Web application will manage.
In order to create new groups and modify existing groups you have to place an Entry Unit in the page. This unit must have as many fields as the number of the Group entity attributes. Moreover it must have a multiselection field preloaded with all the existing protected modules of the Web application. The multiselection field will be used by the administrator to select which modules the edited group can access. Finally you have to add to the Entry Unit a selection field preloaded with the same protected modules in order to select the default module for the group. The "default" connection means that every time a user belonging to the group log into the application, he is automatically redirected to its default module. To preload the multiselection and the selection field, you may use a Selector Unit, which extracts all the protected module of your Web application. You can connect the Selector Unit to the Entry Unit through a transport link and make the proper coupling to preload these fields.
Then you have to add the units that retrieve the information about a specific group chosen from the index. These information are used to preload the form in the case the administrator wants to modify an existing group. You have to use two other Selector Units in order to get the group details and pass them to the Entry Unit. The first Selector Unit (named "Selected group" in the figure) extracts all the information about the group, the second one extracts all the protected modules to ehich the selected group is connected. Connect each Selector Unit to the entry unit with transport links and make the proper coupling.
Now you have to model the operation chain. First of all you have to place an IsNotNull Unit that checks whether the administrator is going to add a new group or to modify an existing one. In the first case the KO link is followed. In this part of the chain you have to use a Create Unit on the Group entity and a Connect Unit on the relationship named "modules". The other part of the chain, following the OK link, comprehends a modify unit on the Group entity and a Disconnect Unit on the "modules" relationship. Connect the Disconnect Unit to the Connect Unit in order to complete the chain.
The last thing to model is the deletion of a group. This is very simple. You just have to use a Delete Unit on the Group entity and connect it through a normal link from the Index Unit. In this way the administrator can delete a group just clicking on the link placed next to each group in the group list.
You can see the complete model in the figure at the beginning of the section.
The "Users Management" page
The "Users Management" page is very similar to the "Groups Management" one. The difference is that the entity that you have to manage in this page is the User. For this reason the fields of the Entry Unit are different from the previous page, because they have to contain all the user's information. Another difference is that, in the operation chain, the connect and disconnect operations are mapped on the relationship between user and group named "groups". The complete model is shown in figure.
Protected modules management
While users and groups have to be manually added to the database or to be explicitely managed by the Web application, WebRatio provides a semiautomatic method to manage the protected modules. You can set properties in the project that allows to generate a specific page belonging to the WebRatio Admin Area that manages the insert of protected modules in your databases. To generate this page you have to follow these steps:
- Select the tab Project in your Web project
- Select the Security tab in the Properties View
- Check the Enable Admin Area option
- Enter a name for the generated page (e.g ModuleAdiministration.do)
- Enter username and password to log into this page
- Generate the Web project
Once generated the page, you have to log in from the Web application. The page will show you the list of protected modules. You can easily select them from the list and add them in your database with one click.
It's important to note that this page is not part of your Web application and so no one of the application users can access it. It's only a private administration area that allows you to manage protected modules while your are developing the Web application.
