A Logon Service can assign Authorizations to a user. An Authorization grants or denies access according to a path, e.g. "shop/products/avocado" or "shop/categories/fruit/*", and can be used to build complex and flexible permission systems. Note that you can use "*" as a wildcard.
Authorizations, like Roles, can be easily queried using the Security Manager and used to modify application behaviour to suit the current user. Authorizations can be very helpful when building large applications with more complex security models.
Authorizations are stored in a dedicated AUTHORIZATION table in the Logon Service. The AUTHORIZATION table contains TYPE, NAME, FUNCTION and ALLOW columns. To add an Authorization to a user, insert a new row into this table as follows:
// Grant access to all products in the fruit category
// Note the use of the "*" wildcard
tables.AUTHORIZATION.insertRow();
tables.AUTHORIZATION.TYPE.value = "product";
tables.AUTHORIZATION.NAME.value = "shop/categories/fruit/*";
tables.AUTHORIZATION.FUNCTION.value = "EDIT";
tables.AUTHORIZATION.ALLOW.value = "TRUE";
tables.AUTHORIZATION.updateTable();
To check a user's Authorizations see the Checking Authorizations tutorial.