Permissions in Code
You can leverage groups within your code to set permissions at the component level. An array of all the groups of which the end-user using the application is a member of is available via the Global object: Global.user.groups
.
Referencing Groups in Code
In the following example, you can see that the button component is disabled since the user is not within the Support Managers
group. Here's the code snippet used:
{{!Global.user.groups.map((group) =>group.name).includes("Solutions Managers")}}
Permissions to an API can be set as a step within a Python function by leveraging the current user's group (Global.user.groups
):
userGroupNames = list(map(lambda group: group.name, Global.user.groups))
if "Support Managers" not in userGroupNames:
raise Exception("You don't have sufficient permissions to perform this action. Please contact a Support Manager.")
Another way to limit the access to an API to certain users and groups in Superblocks is to set these rules in the API configuration settings.