Self-service action for which a user is not authorised should be hidden from him
closed
L
Laurent Sibilla
Currently, users can see all self-service actions. Even the ones for which he is not authorised.
As port administrator, I would like to be able to hide self-service actions irrelevant for a certain category of users.
R
R
FYI. We've updated our documentation better to explain how you can hide self service actions from users using permissions. Let us know if you have any questions!
https://docs.getport.io/actions-and-automations/create-self-service-experiences/set-self-service-actions-rbac/dynamic-permissions/#instructions
R
R
closed
R
R
FYI. We've updated our documentation better to explain how you can hide self service actions from users using permissions. Let us know if you have any questions!
L
Laurent Sibilla
R Right! I'm pretty sure when I tested that a few weeks back, all users could see all actions, even the one they were not allowed for. We can close this request.
R
R
This actually is already possible using permissions in Port Self Service actions using the "roles", "users", and "teams" fields if you edit the permission in JSON.
For example, if you modify a self service action to have the following permissions, only members of "team1" will be able to see and execute the action.
{
"execute": {
"roles": [],
"users": [],
"teams": [“team1”],
"ownedByTeam": false
},
"approve": {
"roles": [],
"users": [],
"teams": []
}
}
The "roles", "users", and "teams" fields have a logical OR between them. For example, if you want rao@getport.io OR team1 users to be able to execute the action, you could do the following.
{
"execute": {
"roles": [],
"users": ["rao@getport.io"],
"teams": [“team1”],
"ownedByTeam": false
},
"approve": {
"roles": [],
"users": [],
"teams": []
}
}
We're working to update the docs on role-based access control for Self Service actions to make this functionality more clear!