From 9a57ae47f1c1fe868b02d1d9327f10057b5a4a5c Mon Sep 17 00:00:00 2001 From: Semira Evangelou Date: Mon, 11 May 2026 11:16:28 +0300 Subject: [PATCH 01/10] UIA-1299 Improve user module role documentation and usage examples --- .../modules/administration.md | 68 +++++++++++++++++++ 1 file changed, 68 insertions(+) diff --git a/content/en/docs/marketplace/platform-supported-content/modules/administration.md b/content/en/docs/marketplace/platform-supported-content/modules/administration.md index 5b3c797eda6..4ebf9896d72 100644 --- a/content/en/docs/marketplace/platform-supported-content/modules/administration.md +++ b/content/en/docs/marketplace/platform-supported-content/modules/administration.md @@ -28,6 +28,74 @@ The [Administration](https://marketplace.mendix.com/link/component/23513) module ## Installation Follow the instructions in [How to Use Marketplace Content](/appstore/use-content/) to import the Administration module into your app. +Module Roles and Access Control + +## Overview of Module Roles + +The Administration module provides a set of fine-grained module roles that control access to user-related data. These roles can be combined to allow only the permissions required for a specific use case. + +* Administrator: Allows full management of user accounts: + * Create new user accounts + * Delete existing user accounts + * Read and write access to FullName and Email of the Administration.Account objects + * Change passwords of other accounts + +* User: Allows write access to the FullName and Email attributes of the Administration.Account object for the current user, and allows read access to the FullName and Email attributes of other users’ Account objects. + +{{% alert color="warning" %}}This module role has been superseded by granular module roles, which offer improved flexibility and control. See the following user roles for detailed instructions and examples.{{% /alert %}} + +* ReadOwnDetails: Allows read access to the FullName and Email attributes of the Administration.Account object for the current user. +* EditOwnDetails: Allows read and write access to the FullName and Email attributes of the Administration.Account object for the current user, where write access inherently includes read access. +* EditOwnPassword: Allows permission for the current user to change their own password. Note that either ReadOwnDetails or EditOwnDetails is required when applying this module role. +* ReadOthersFullName: Allows read access to the FullName attribute of other users’ Administration.Account objects +* ReadOthersEmail: Allows read access to the Email attribute of other users’ Administration.Accountobjects. + +{{% alert color="info" %}}The fine-grained module roles mentioned above were introduced in version 4.5.0 of the Administration module, enabling enhanced control over permissions and access. If these roles are not available in your environment, it is recommended to upgrade to the latest version in order to benefit from these improvements.{{% /alert %}} + +## Combining Module Roles Depending on Use Case + +The module roles described above can be combined to configure access to user account data based on the needs of the application. Instead of assigning broad access, select only the module roles required for each app role. + +{{% alert color="info" %}}Users with edit access automatically have read access. Edit permissions therefore include the ability to view and modify data.{{% /alert %}} + +The following examples illustrate common role combinations: + +### Default end user + +* Allows users to read and edit their own details and change their password. + +* EditOwnDetails +* EditOwnPassword + +### Read-only user profile + +Allows users to read their own personal details and change their password. +Profile updates and password management are handled externally through the configured Identity Provider (IdP) / Single Sign-On (SSO) solution. + +* ReadOwnDetails + +### Users who need visibility of other users’ names + +Required only when user’s full names must be displayed. For example, when using the [Workflow Commons](https://docs.mendix.com/appstore/modules/workflow-commons/) module, users with access to the Task Inbox must be able to view other users’ full names, as the Assignee column uses this to display who is assigned to each task. + +* ReadOwnDetails +* EditOwnPassword +* ReadOthersFullName + +### User profile with email visibility + +Allows users to view their own personal details, the names of other users, and other users’ email addresses. + +* ReadOwnDetails +* EditOwnPassword +* ReadOthersFullName +* ReadOthersEmail + +### Administrative users + +Allows full management of user accounts. + +* Administrator ## Usage From ea1818194511f275f5864dedfbb464b235bdec94 Mon Sep 17 00:00:00 2001 From: Semira Evangelou Date: Mon, 11 May 2026 11:33:30 +0300 Subject: [PATCH 02/10] UIA-1299 Improve docs --- .../platform-supported-content/modules/administration.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/content/en/docs/marketplace/platform-supported-content/modules/administration.md b/content/en/docs/marketplace/platform-supported-content/modules/administration.md index 4ebf9896d72..e43edad6b97 100644 --- a/content/en/docs/marketplace/platform-supported-content/modules/administration.md +++ b/content/en/docs/marketplace/platform-supported-content/modules/administration.md @@ -28,9 +28,10 @@ The [Administration](https://marketplace.mendix.com/link/component/23513) module ## Installation Follow the instructions in [How to Use Marketplace Content](/appstore/use-content/) to import the Administration module into your app. -Module Roles and Access Control -## Overview of Module Roles +## Module Roles and Access Control + +### Overview of Module Roles The Administration module provides a set of fine-grained module roles that control access to user-related data. These roles can be combined to allow only the permissions required for a specific use case. From cbd64eeb964e33ae15a6a58406dee91befe90e56 Mon Sep 17 00:00:00 2001 From: Semira Evangelou Date: Mon, 11 May 2026 16:31:31 +0300 Subject: [PATCH 03/10] UIA-1299 Improve docs and resolve PR comments --- .../modules/administration.md | 24 ++++++++++++------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/content/en/docs/marketplace/platform-supported-content/modules/administration.md b/content/en/docs/marketplace/platform-supported-content/modules/administration.md index e43edad6b97..4b859308497 100644 --- a/content/en/docs/marketplace/platform-supported-content/modules/administration.md +++ b/content/en/docs/marketplace/platform-supported-content/modules/administration.md @@ -35,24 +35,32 @@ Follow the instructions in [How to Use Marketplace Content](/appstore/use-conten The Administration module provides a set of fine-grained module roles that control access to user-related data. These roles can be combined to allow only the permissions required for a specific use case. -* Administrator: Allows full management of user accounts: +* **Administrator**: Allows full management of user accounts: * Create new user accounts * Delete existing user accounts * Read and write access to FullName and Email of the Administration.Account objects * Change passwords of other accounts -* User: Allows write access to the FullName and Email attributes of the Administration.Account object for the current user, and allows read access to the FullName and Email attributes of other users’ Account objects. +* **User**: Allows write access to the FullName and Email attributes of the Administration.Account object for the current user, and allows read access to the FullName and Email attributes of other users’ Account objects. {{% alert color="warning" %}}This module role has been superseded by granular module roles, which offer improved flexibility and control. See the following user roles for detailed instructions and examples.{{% /alert %}} -* ReadOwnDetails: Allows read access to the FullName and Email attributes of the Administration.Account object for the current user. -* EditOwnDetails: Allows read and write access to the FullName and Email attributes of the Administration.Account object for the current user, where write access inherently includes read access. -* EditOwnPassword: Allows permission for the current user to change their own password. Note that either ReadOwnDetails or EditOwnDetails is required when applying this module role. -* ReadOthersFullName: Allows read access to the FullName attribute of other users’ Administration.Account objects -* ReadOthersEmail: Allows read access to the Email attribute of other users’ Administration.Accountobjects. +* **ReadOwnDetails**: Allows read access to the FullName and Email attributes of the Administration.Account object for the current user. + +* **EditOwnDetails**: Allows read and write access to the FullName and Email attributes of the Administration.Account object for the current user, where write access inherently includes read access. + +* **EditOwnPassword**: Allows permission for the current user to change their own password. Note that either ReadOwnDetails or EditOwnDetails is required when applying this module role. + +* **ReadOthersFullName**: Allows read access to the FullName attribute of other users’ Administration.Account objects + +* **ReadOthersEmail**: Allows read access to the Email attribute of other users’ Administration.Accountobjects. {{% alert color="info" %}}The fine-grained module roles mentioned above were introduced in version 4.5.0 of the Administration module, enabling enhanced control over permissions and access. If these roles are not available in your environment, it is recommended to upgrade to the latest version in order to benefit from these improvements.{{% /alert %}} +### Default Access Rules + +* **Default rights for new members** are set to **None** for all access rules. + ## Combining Module Roles Depending on Use Case The module roles described above can be combined to configure access to user account data based on the needs of the application. Instead of assigning broad access, select only the module roles required for each app role. @@ -63,7 +71,7 @@ The following examples illustrate common role combinations: ### Default end user -* Allows users to read and edit their own details and change their password. +Allows users to read and edit their own details. * EditOwnDetails * EditOwnPassword From 84d0792b2e4b0befb552155a091b1ac476e2da8d Mon Sep 17 00:00:00 2001 From: Semira Evangelou Date: Mon, 11 May 2026 16:40:50 +0300 Subject: [PATCH 04/10] UIA-1299 Improve docs --- .../platform-supported-content/modules/administration.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/content/en/docs/marketplace/platform-supported-content/modules/administration.md b/content/en/docs/marketplace/platform-supported-content/modules/administration.md index 4b859308497..c6f5f46c982 100644 --- a/content/en/docs/marketplace/platform-supported-content/modules/administration.md +++ b/content/en/docs/marketplace/platform-supported-content/modules/administration.md @@ -33,11 +33,11 @@ Follow the instructions in [How to Use Marketplace Content](/appstore/use-conten ### Overview of Module Roles -The Administration module provides a set of fine-grained module roles that control access to user-related data. These roles can be combined to allow only the permissions required for a specific use case. +The Administration module provides a set of fine-grained module roles that provide enhanced control over permissions and access. * **Administrator**: Allows full management of user accounts: * Create new user accounts - * Delete existing user accounts + * Delete existing user accounts * Read and write access to FullName and Email of the Administration.Account objects * Change passwords of other accounts @@ -71,14 +71,14 @@ The following examples illustrate common role combinations: ### Default end user -Allows users to read and edit their own details. +Allows users to read and edit only their own details and change only their own password. * EditOwnDetails * EditOwnPassword ### Read-only user profile -Allows users to read their own personal details and change their password. +Allows users to read only their own personal details. Profile updates and password management are handled externally through the configured Identity Provider (IdP) / Single Sign-On (SSO) solution. * ReadOwnDetails From c20c2ab23db27bf39382dbf7ebc203507f7b876d Mon Sep 17 00:00:00 2001 From: Semira Evangelou Date: Mon, 11 May 2026 16:44:40 +0300 Subject: [PATCH 05/10] UIA-1299 Improve docs --- .../platform-supported-content/modules/administration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/docs/marketplace/platform-supported-content/modules/administration.md b/content/en/docs/marketplace/platform-supported-content/modules/administration.md index c6f5f46c982..65ad74e17f5 100644 --- a/content/en/docs/marketplace/platform-supported-content/modules/administration.md +++ b/content/en/docs/marketplace/platform-supported-content/modules/administration.md @@ -33,7 +33,7 @@ Follow the instructions in [How to Use Marketplace Content](/appstore/use-conten ### Overview of Module Roles -The Administration module provides a set of fine-grained module roles that provide enhanced control over permissions and access. +The Administration module provides a set of fine-grained module roles that provide enhanced control over permissions and access. These roles can be combined to allow only the permissions required for a specific use case. * **Administrator**: Allows full management of user accounts: * Create new user accounts From 2ac69a11c050c7017e4ce773a7fd0722c04fb668 Mon Sep 17 00:00:00 2001 From: Semira Evangelou Date: Mon, 11 May 2026 16:54:04 +0300 Subject: [PATCH 06/10] UIA-1299 Improve docs --- .../platform-supported-content/modules/administration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/docs/marketplace/platform-supported-content/modules/administration.md b/content/en/docs/marketplace/platform-supported-content/modules/administration.md index 65ad74e17f5..858f3671c03 100644 --- a/content/en/docs/marketplace/platform-supported-content/modules/administration.md +++ b/content/en/docs/marketplace/platform-supported-content/modules/administration.md @@ -53,7 +53,7 @@ The Administration module provides a set of fine-grained module roles that provi * **ReadOthersFullName**: Allows read access to the FullName attribute of other users’ Administration.Account objects -* **ReadOthersEmail**: Allows read access to the Email attribute of other users’ Administration.Accountobjects. +* **ReadOthersEmail**: Allows read access to the Email attribute of other users’ Administration.Account objects. {{% alert color="info" %}}The fine-grained module roles mentioned above were introduced in version 4.5.0 of the Administration module, enabling enhanced control over permissions and access. If these roles are not available in your environment, it is recommended to upgrade to the latest version in order to benefit from these improvements.{{% /alert %}} From 9b6910f95656aac399185e238935c5d6f82b0392 Mon Sep 17 00:00:00 2001 From: Semira Evangelou Date: Mon, 11 May 2026 16:55:45 +0300 Subject: [PATCH 07/10] UIA-1299 Improve docs --- .../platform-supported-content/modules/administration.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/content/en/docs/marketplace/platform-supported-content/modules/administration.md b/content/en/docs/marketplace/platform-supported-content/modules/administration.md index 858f3671c03..5977e5c46ab 100644 --- a/content/en/docs/marketplace/platform-supported-content/modules/administration.md +++ b/content/en/docs/marketplace/platform-supported-content/modules/administration.md @@ -78,8 +78,7 @@ Allows users to read and edit only their own details and change only their own p ### Read-only user profile -Allows users to read only their own personal details. -Profile updates and password management are handled externally through the configured Identity Provider (IdP) / Single Sign-On (SSO) solution. +Allows users to read only their own personal details. Profile updates and password management are handled externally through the configured Identity Provider (IdP) / Single Sign-On (SSO) solution. * ReadOwnDetails From 1a22a669adc53d10701f028373c51d4929d4e0b9 Mon Sep 17 00:00:00 2001 From: Semira Evangelou Date: Mon, 11 May 2026 17:12:34 +0300 Subject: [PATCH 08/10] UIA-1299 Workflow Commons Add the Administration module to the Dependencies section --- .../platform-supported-content/modules/workflow-commons.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/en/docs/marketplace/platform-supported-content/modules/workflow-commons.md b/content/en/docs/marketplace/platform-supported-content/modules/workflow-commons.md index d26fa0c56d5..fbad1967c76 100644 --- a/content/en/docs/marketplace/platform-supported-content/modules/workflow-commons.md +++ b/content/en/docs/marketplace/platform-supported-content/modules/workflow-commons.md @@ -33,6 +33,7 @@ This module allows Mendix developers with little or no experience in building wo ### Dependencies +* [Administration](https://marketplace.mendix.com/link/component/23513) * [Data Widgets](https://marketplace.mendix.com/link/component/116540) * [Atlas Core](https://marketplace.mendix.com/link/component/117187) * [Atlas Web Content](https://marketplace.mendix.com/link/component/117183) From fbf563d8be695fee5a43efad9cd614da5df52667 Mon Sep 17 00:00:00 2001 From: Semira Evangelou Date: Mon, 11 May 2026 17:15:30 +0300 Subject: [PATCH 09/10] UIA-1299 Workflow Commons update docs --- .../platform-supported-content/modules/workflow-commons.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/content/en/docs/marketplace/platform-supported-content/modules/workflow-commons.md b/content/en/docs/marketplace/platform-supported-content/modules/workflow-commons.md index fbad1967c76..a1b9786aa44 100644 --- a/content/en/docs/marketplace/platform-supported-content/modules/workflow-commons.md +++ b/content/en/docs/marketplace/platform-supported-content/modules/workflow-commons.md @@ -128,6 +128,8 @@ You can find the following microflows in Workflow Commons: 2. Views personal performance in the **Task Dashboard**. 3. Views workflow progress in the **My Initiated Workflows** overview. 3. Make sure the correct user entity is set in the **App Settings**: open Studio Pro **App Settings** > **Workflows** tab and set **User entity** to *Administration.Account*. When using demo users, you should ensure that the entity of demo users is also set correctly: open **App Security** > **Demo users** tab and set the **Entity** to *Administration.Account* for each of the relevant users. +4. In order to show the assigned users for user tasks, users need read access to the full name of other users. Ensure that either the **Administration.User** or **Administration.ReadOthersFullName** module roles are assigned to all relevant app roles, otherwise users may experience incomplete functionality. +5. For Workflow Commons version 3.10.0 and above, we introduced the `DueDateExpirationInDays` constant to configure the period in days for which the workflows or user tasks are to be considered almost due with visual indicators in pages **Task Inbox**, **Task Dashboard**, **Default Workflow Admin** and **Workflow Definition View**. The default value is set to 2 days. You should set the value based on your business needs. {{% alert color="info" %}} For Workflow Commons versions from 2.1.0 to 3.12.1, you also need to configure the state change microflows in the **App Settings**: @@ -137,7 +139,6 @@ You can find the following microflows in Workflow Commons: For Workflow Commons version 4.0.0 and above, you no longer need to configure the state change microflows. {{% /alert %}} -4. For Workflow Commons version 3.10.0 and above, we introduced the `DueDateExpirationInDays` constant to configure the period in days for which the workflows or user tasks are to be considered almost due with visual indicators in pages **Task Inbox**, **Task Dashboard**, **Default Workflow Admin** and **Workflow Definition View**. The default value is set to 2 days. You should set the value based on your business needs. ### Upgrading from Mendix 10 to Mendix 11 {#upgrade-from-10-to-11} From 168ee8e3dcf8ea6c5e76a25a6c0dbc0f4b268b66 Mon Sep 17 00:00:00 2001 From: nicoletacoman Date: Mon, 11 May 2026 16:30:09 +0200 Subject: [PATCH 10/10] TW review --- .../modules/administration.md | 100 +++++++++--------- .../modules/workflow-commons.md | 4 +- 2 files changed, 54 insertions(+), 50 deletions(-) diff --git a/content/en/docs/marketplace/platform-supported-content/modules/administration.md b/content/en/docs/marketplace/platform-supported-content/modules/administration.md index 5977e5c46ab..d66ce304f3e 100644 --- a/content/en/docs/marketplace/platform-supported-content/modules/administration.md +++ b/content/en/docs/marketplace/platform-supported-content/modules/administration.md @@ -7,16 +7,16 @@ description: "Describes the configuration and usage of the Administration module ## Introduction -The [Administration](https://marketplace.mendix.com/link/component/23513) module contains the administration functionality, which allows you to manage local accounts and to view app statistics, such as runtime information, sessions, and schedules events. +The [Administration](https://marketplace.mendix.com/link/component/23513) module contains the administration functionality. It allows you to manage local accounts and view app statistics, such as runtime information, sessions, and scheduled events. ### Features -* Support managing user accounts -* Provide a read-only overview to show the following information: +* Manages user accounts +* Provides a read-only overview that shows the following information: * All active sessions * All scheduled events * All runtime instances -* Support viewing runtime statistics +* Displays runtime statistics ### Dependencies @@ -33,90 +33,94 @@ Follow the instructions in [How to Use Marketplace Content](/appstore/use-conten ### Overview of Module Roles -The Administration module provides a set of fine-grained module roles that provide enhanced control over permissions and access. These roles can be combined to allow only the permissions required for a specific use case. +The Administration module provides a set of fine-grained module roles for enhanced control over permissions and access. You can combine these roles to allow only the permissions required for a specific use case. -* **Administrator**: Allows full management of user accounts: - * Create new user accounts - * Delete existing user accounts - * Read and write access to FullName and Email of the Administration.Account objects - * Change passwords of other accounts +* **Administrator** – Allows full management of user accounts: -* **User**: Allows write access to the FullName and Email attributes of the Administration.Account object for the current user, and allows read access to the FullName and Email attributes of other users’ Account objects. + * Create new user accounts. + * Delete existing user accounts. + * Read and write access to `FullName` and `Email` of the `Administration.Account` objects. + * Change passwords of other accounts. -{{% alert color="warning" %}}This module role has been superseded by granular module roles, which offer improved flexibility and control. See the following user roles for detailed instructions and examples.{{% /alert %}} +* **User** – Allows the following access levels: -* **ReadOwnDetails**: Allows read access to the FullName and Email attributes of the Administration.Account object for the current user. + * Write access to the `FullName` and `Email` attributes of the `Administration.Account` object for the current user. + * Read access to the `FullName` and `Email` attributes of other users’ `Account` objects. -* **EditOwnDetails**: Allows read and write access to the FullName and Email attributes of the Administration.Account object for the current user, where write access inherently includes read access. +{{% alert color="warning" %}}This module role has been superseded by granular module roles, which offer improved flexibility and control. Refer to the following user roles for detailed instructions and examples.{{% /alert %}} -* **EditOwnPassword**: Allows permission for the current user to change their own password. Note that either ReadOwnDetails or EditOwnDetails is required when applying this module role. +* **ReadOwnDetails** – Allows read access to the `FullName` and `Email` attributes of the `Administration.Account` object for the current user. -* **ReadOthersFullName**: Allows read access to the FullName attribute of other users’ Administration.Account objects +* **EditOwnDetails** – Allows read and write access to the `FullName` and `Email` attributes of the `Administration.Account` object for the current user, where write access inherently includes read access. -* **ReadOthersEmail**: Allows read access to the Email attribute of other users’ Administration.Account objects. +* **EditOwnPassword** – Allows the current user to change their own password. Note that either `ReadOwnDetails` or `EditOwnDetails` is required when applying this module role. -{{% alert color="info" %}}The fine-grained module roles mentioned above were introduced in version 4.5.0 of the Administration module, enabling enhanced control over permissions and access. If these roles are not available in your environment, it is recommended to upgrade to the latest version in order to benefit from these improvements.{{% /alert %}} +* **ReadOthersFullName** – Allows read access to the `FullName` attribute of other users’ `Administration.Account` objects. + +* **ReadOthersEmail** – Allows read access to the `Email` attribute of other users’ `Administration.Account` objects. + +{{% alert color="info" %}}The fine-grained module which were just mentioned were introduced in version 4.5.0 of the Administration module. If these roles are not available in your environment, Mendix recommends upgrading to the latest version to benefit from these improvements.{{% /alert %}} ### Default Access Rules -* **Default rights for new members** are set to **None** for all access rules. +**Default rights for new members** are set to **None** for all access rules. ## Combining Module Roles Depending on Use Case -The module roles described above can be combined to configure access to user account data based on the needs of the application. Instead of assigning broad access, select only the module roles required for each app role. +You can combine these module roles to configure access to user account data based on the needs of the app. Instead of assigning broad access, select only the module roles required for each app role. {{% alert color="info" %}}Users with edit access automatically have read access. Edit permissions therefore include the ability to view and modify data.{{% /alert %}} The following examples illustrate common role combinations: -### Default end user +### Default End-User -Allows users to read and edit only their own details and change only their own password. +Allows users to read and edit only their own details, and change only their own password. -* EditOwnDetails -* EditOwnPassword +* **EditOwnDetails** +* **EditOwnPassword** -### Read-only user profile +### Read-Only User Profile -Allows users to read only their own personal details. Profile updates and password management are handled externally through the configured Identity Provider (IdP) / Single Sign-On (SSO) solution. +Allows users to read only their own personal details. Profile updates and password management are handled externally through the configured identity provider (IdP) or single sign-on (SSO) solution. -* ReadOwnDetails +* **ReadOwnDetails** -### Users who need visibility of other users’ names +### Users Who Need Visibility of Other Users’ Names -Required only when user’s full names must be displayed. For example, when using the [Workflow Commons](https://docs.mendix.com/appstore/modules/workflow-commons/) module, users with access to the Task Inbox must be able to view other users’ full names, as the Assignee column uses this to display who is assigned to each task. +Required only when users’ full names must be displayed. For example, when using the [Workflow Commons](https://docs.mendix.com/appstore/modules/workflow-commons/) module, users with access to the Task Inbox must be able to view other users’ full names. The **Assignee** column uses this to display who is assigned to each task. -* ReadOwnDetails -* EditOwnPassword -* ReadOthersFullName +* **ReadOwnDetails** +* **EditOwnPassword** +* **ReadOthersFullName** -### User profile with email visibility +### User Profile with Email Visibility Allows users to view their own personal details, the names of other users, and other users’ email addresses. -* ReadOwnDetails -* EditOwnPassword -* ReadOthersFullName -* ReadOthersEmail +* **ReadOwnDetails** +* **EditOwnPassword** +* **ReadOthersFullName** +* **ReadOthersEmail** -### Administrative users +### Administrative Users Allows full management of user accounts. -* Administrator +* **Administrator** ## Usage ### Adding the Account Overview Page to the Navigation {#add-account-overview} -On the `Administration.Account_Overview` page, you can view and manage all the accounts in your app. To add the page to the navigation of the app, do as follows: +On the `Administration.Account_Overview` page, you can view and manage all the accounts in your app. To add the page to the app navigation, follow these steps: -1. In App Explorer, open **Navigation**. +1. In **App Explorer**, open **Navigation**. 2. In **Menu**, click **New item**. The **New Menu Item** dialog box opens. 3. Enter a caption. 4. Select an icon. 5. In the **On click** drop-down list, select **Show a page**. The **Select web page** dialog box opens. -6. Find **Account_Overview** using the search box on the top and select it. The **Select web page** dialog box closes. +6. Find **Account_Overview** using the search box at the top and select it. The **Select web page** dialog box closes. 7. Click **OK** to save the settings for the new menu item. If you run the app and log in as a user with the Administrator role, you can see the new page in the navigation. @@ -125,28 +129,28 @@ If you run the app and log in as a user with the Administrator role, you can see 1. Make sure that you [added the account overview page to the navigation](#add-account-overview). -2. Run the app and log in to the app as a user with the Administrator role. +2. Run the app and sign in as a user with the Administrator role. 3. Go to the account overview page. 4. If the new user does not need to consume the published web service of your app, click **New local user** to add the new user. - {{% alert color="info" %}}A local user can only log in to your app using a web browser. Their user name and password cannot be used for authentication to consume a published web service of your app.{{% /alert %}} + {{% alert color="info" %}}A local user can only sign in to your app using a web browser. Their user name and password cannot be used for authentication to consume a published web service of your app.{{% /alert %}} 5. If the new user needs to consume the published web service of your app, click **New web service user** to add the new user. - {{% alert color="info" %}}A web service user cannot log into your app using a web browser. Their user name and password can only be used for authentication to consume a published web service of your app.{{% /alert %}} + {{% alert color="info" %}}A web service user cannot sign in to your app using a web browser. Their user name and password can only be used for authentication to consume a published web service of your app.{{% /alert %}} 6. In the **New Account** dialog box, fill in the user data. 7. Click **Save**. -## Using Supporting Microflows with Mendix SSO {#use-with-mendix-sso} +## Using Supporting Microflows with Mendix SSO {#use-with-mendix-sso} -The [Administration](https://marketplace.mendix.com/link/component/23513) module versions 1.3.X (for example 1.3.2) and 2.1.X (for example 2.1.2) contain a set of microflows to configure Mendix SSO to use **Administration.Account** as the user entity. To use the supporting microflows with Mendix SSO, perform the following steps: +The [Administration](https://marketplace.mendix.com/link/component/23513) module versions 1.3.X (for example, 1.3.2) and 2.1.X (for example, 2.1.2) contain a set of microflows to configure Mendix SSO to use **Administration.Account** as the user entity. To use the supporting microflows with Mendix SSO, follow these steps: 1. Make sure that your app contains the Mendix SSO module. If it does not, import the [Mendix SSO](https://marketplace.mendix.com/link/component/111349) module from the Marketplace. -2. Configure the **MendixSSO_AfterStartup** microflow from the Administration module as the [after startup](/refguide/runtime-tab/#after-startup) microflow. If there is already an after startup microflow, do not replace it, but add the **MendixSSO_AfterStartup** microflow as a sub-microflow in the existing microflow. +2. Configure the **MendixSSO_AfterStartup** microflow from the Administration module as the [after startup](/refguide/runtime-tab/#after-startup) microflow. If there is already an after startup microflow, add the **MendixSSO_AfterStartup** microflow as a sub-microflow in the existing microflow instead of replacing it. {{% alert color="info" %}}If you previously used the Mendix SSO in your application, use the **MendixSSO_MigrateUsersToAccount** microflow to migrate users from the `MendixSSOUser` to the `Administration.Account` specialization. Before executing the migration, carefully read the instructions in the microflow.{{% /alert %}} diff --git a/content/en/docs/marketplace/platform-supported-content/modules/workflow-commons.md b/content/en/docs/marketplace/platform-supported-content/modules/workflow-commons.md index a1b9786aa44..f59fb8545a8 100644 --- a/content/en/docs/marketplace/platform-supported-content/modules/workflow-commons.md +++ b/content/en/docs/marketplace/platform-supported-content/modules/workflow-commons.md @@ -128,8 +128,8 @@ You can find the following microflows in Workflow Commons: 2. Views personal performance in the **Task Dashboard**. 3. Views workflow progress in the **My Initiated Workflows** overview. 3. Make sure the correct user entity is set in the **App Settings**: open Studio Pro **App Settings** > **Workflows** tab and set **User entity** to *Administration.Account*. When using demo users, you should ensure that the entity of demo users is also set correctly: open **App Security** > **Demo users** tab and set the **Entity** to *Administration.Account* for each of the relevant users. -4. In order to show the assigned users for user tasks, users need read access to the full name of other users. Ensure that either the **Administration.User** or **Administration.ReadOthersFullName** module roles are assigned to all relevant app roles, otherwise users may experience incomplete functionality. -5. For Workflow Commons version 3.10.0 and above, we introduced the `DueDateExpirationInDays` constant to configure the period in days for which the workflows or user tasks are to be considered almost due with visual indicators in pages **Task Inbox**, **Task Dashboard**, **Default Workflow Admin** and **Workflow Definition View**. The default value is set to 2 days. You should set the value based on your business needs. +4. In order to show the assigned users for user tasks, users need read access to the full name of other users. Ensure that either the **Administration.User** or **Administration.ReadOthersFullName** module roles are assigned to all relevant app roles. Otherwise, users may experience incomplete functionality. +5. For Workflow Commons version 3.10.0 and above, we introduced the `DueDateExpirationInDays` constant to configure the period in days for which the workflows or user tasks are to be considered almost due. This option has visual indicators on the **Task Inbox**, **Task Dashboard**, **Default Workflow Admin** and **Workflow Definition View** pages. The default value is set to 2 days. You should set the value based on your business needs. {{% alert color="info" %}} For Workflow Commons versions from 2.1.0 to 3.12.1, you also need to configure the state change microflows in the **App Settings**: