So, let’s try to break down how to secure and control our applications within the DreamFactory Service Platform (DSP). We will start with a simple application that comes with our DSP by default, the Calendar App. We will continue within the Admin Console in our DSP.
First, let’s get an idea on just how this application works… When I click to preview it, a calendar pops up. Here, I am able to insert data into any day on the calendar and assign it a description with a time value and even a color!
So, I think this is a pretty cool idea… and as a small business owner maybe something that I want to deploy to my team. Let’s say we have 3 people on the team including myself. Of course, our team members have names: Mark (that’s me), John, and Sally.
Now we have our calendar app. We know the people that we want to be able to access the app. And, we know who we want to be in charge of the app. These are important ideas, and that is why we’ve included the integration of Users and Roles into our Service Platform.
Bob is thinking about the implementation of the calendar app. He wants John to be able to see the calendar, but does not see the need for John to add his own events to it. In the same respect, he wants Sally to be able to read and write to the calendar, because she is responsible for scheduling meetings. Bob will have control over both of his employees’ access to the calendar as well as his own access.
Since we have a concrete foundation on how to proceed we can now continue with our implementation. Let’s create our users for the application. Because I already have a DreamFactory account, I only need to create two users, one for John and one for Sally. Keep in mind that this User account can be used for the duration of the life of this application as well as all other apps that we create. Simply proceed into the Create User screen and enter the information for each different user.
This will be the information that they use to log into the DSP you originally created ! So, there is only one service platform with three users that can access it.
After we have created two users here, one for John and one for Sally, we can proceed to the Create Roles section. Before we do that, let’s take a quick step back to see what exactly is happening.
First, we have our DreamFactory Service Platform (DSP) which was created by myself (Mark) when I signed up for my free hosted version of the DSP on DreamFactory.com
Secondly, I have a calendar app that comes with the DSP by default. I want to share this app with my employees to consolidate and share our meetings.
Finally, I do not want all the Users of my application to all have the same access level to this app.
We are now going back to the Create Roles section within the Admin Console. Here, we can create different roles to our services. In the case of our calendar app, we want to create two separate roles: one for John and one for Sally. The picture below is John’s scenario. The Service associated with the calendar app is Database. After we select this service, we can choose what kind of access we want the specific user to have and assign a particular User to that Role.
I hope this clears up how Users, Roles, and Services related to one another!