GAM + WorkWithPlus

WorkWithPlus provides the possibility to integrate GeneXus Access Manager (GAM) to WorkWithPlus Advanced Security, so that developers can have the possibility to use the same security policies for their Smart Devices application and their web application.

  • The configuration of users, roles and permissions will be done using GAM APIs and GAM Back-office .
     
  • Security in Objects
    The verification whether some user can access an object (Web Panel, or Report) will be done automatically by GAM Security. 
     
  • Security in Actions, Links and Modes
    WorkWithPlus will add the code in order to verify if some user can click in some action or link and will hide/disable the action when user doesn't have permission for it. This will be done the same way as it is done with WorkWithPlus Advanced Security: Security in Actions, Security in Links
    If the action invokes some Web Panel or a transaction in mode insert, update or delete and its value of 'Sec Functionality Key' is <default> WorkWithPlus will use GAM APIs in order to verify whether user has permission in order to access that object.
  • Security in Tabs
    WorkWithPlus will add the code in order to verify if some user can visualize a Tab within the View object and will hide/disable the tab when user doesn't have permission for it. 
    This will be done the same way as it is done with WorkWithPlus Advanced Security: Security in Tabs.
  • Security in Attributes & Variables
    WorkWithPlus provides the possibility to add security to attributes and variables. This includes security to edit the attribute or not, or to visualize it or not. For the case of Variables, it includes security to restrict its visualization. Developer configures it in GeneXus, and WorkWithPlus will add the code needed to fulfill the requirement. This will be done the same way as it is done with WorkWithPlus Advanced Security: Security in Attributes and Variables  (it contains illustrations of both cases)  
  • The properties of 'Sec. Functionality Key' that have sense using GAM are the ones in UserActions, StandardActions, Tabs of a grid and attributes. You can change the value of this for any action or tab, and this will be integrated to GAM security, so that administrator at runtime can manage this permissions too. This property is explained in Advanced Security -> Assign Security to Objects.
  • In order to enable WorkWithPlus + GAM Security you have to follow the steps: Enable WorkWithPlus + GAM Security
     
  • After any changes in the security environment (creating UserActions, modifying the property 'Sec. Functionality Key' on any User Action, Link, Tab or attribute, or enabling security to some attribute), you have to follow the steps below: 
              1. Update Security Objects Code
              2. Update Security objects registries into GAM DB (Only for versions of WorkWithPlus 9.1 or lower) 

After you enable GAM Security + WorkWithPlus, it will appear a new node named 'GAM'. GAM node has the following properties:

Gam+WorkWithPlusImg01

General Properties:

 

Not Authorized Actions Appearance:

Specifies whether the actions will be hidden or disabled when are the actual user has not access to that actions.

 

Check Programs

 

Check by Functionality Key:

Specifies the procedure that will check if some user has access to certain functionality. This procedure uses GAM APIs to do so, because the users, roles and permissions are managed by GAM.


Check by Functionality Keys:

Specifies the procedure that will check if some user has access to one of the functionalities received.

 

Generated Programs

 

Functionalities List DataProvider:

Specifies the Data Provider where WorkWithPlus generates automatically all the functionalities of the instances (of actions, links or tabs), after doing 'Update Security Objects Code'.

 

Attributes Security

 

Default Enable Edit/ReadOnly Security:

Specifies the default value for the property 'Enable Edit/ReadOnly Security' within the attribute's definition. The property 'Enable Edit/ReadOnly Security' specifies whether an attribute will have security of edit/readOnly type enabled. If you need that most of the attributes of the application have restrictions in which users can edit them, you should change this property as True. Otherwise, you can go to each attribute and set their property 'Enable Edit/ReadOnly Security'  as True, leaving this one as False. 

 

Default Edit/ReadOnly Security Functionality Key:

Specifies the default value for the property 'Edit/ReadOnly Security Functionality Key' within the attribute's definition. The property 'Edit/ReadOnly Security Functionality Key' specifies the name of the permission associated to edit the attribute.

 

Edit/ReadOnly Security Functionality Dsc :

Specifies the description of the permission associated to edit an attribute.


Default Enable Show/Hide Security:

Specifies the default value for the property 'Enable Show/Hide Security' within the attribute's definition. The property 'Enable Show/Hide Security' specifies whether an attribute will have security of show/hide type enabled. If you need that most of the attributes of the application have restrictions in which users can visualize them, you should change this property as True. Otherwise, you can go to each attribute and set their property 'Enable Show/Hide Security' as True, leaving this one as False.

 

Default Show/Hide Security Functionality Key:

Specifies the default value for the property 'Show/Hide Security Functionality Key' within the attribute's definition. The property 'Show/Hide Security Functionality Key' specifies the name of the permission associated to display or hide the attribute.


Show/Hide Security Functionality Dsc:

Specifies the description of the permission associated to display or hide an attribute or variable.


Atts Link Security Functionality Dsc:

Specifies the description of the permission associated to the link of an attribute or variable.