Tuesday Tips: Implementing User Roles in Experiences

Most applications have user roles. For example, in some applications, certain pages and functionality are available to everyone, and others only available to an admin user. You can implement your own custom user roles with a Losant Experience.

This tip is adapted from How to Securely Upload Files with Losant Experiences , by Brandon Cannaday

Let’s look at an example. Here is an example of an Experience View:

For this application, the maintenance interval data (stored in a Losant Data Table), should be available to everyone. But, we only want administrators (a new role type) to upload new maintenance interval data to the underlying Losant Application. This use case requires us to show/hide the upload form you see above based on the user’s “role.”

There are two main ways to “group” Experience Users:

Experience Groups - An Experience Group is a mechanism for associating your application’s devices with your Experience Users. Experience Groups are there to help you manage the relationship between your groups of customers and their devices.

Experience User Tags - Tags allow for the storing of arbitrary data against any Experience User, like user roles (ex. admin or not). Tags can be used to group Experience Users in the most flexible way possible.

We recommend Experience User Tags for user roles. Since user roles don’t usually impact any relationships to devices, but they do impact the UI, we don’t need to create Experience Groups for user roles.

In the image of the Experience you see above, here is the code to hide/show the upload form based on the user’s role (experience.user.userTags.role) and using the #eq helper:


{{! Only show the upload form if the user is an admin and a member of the Kanarra Technologies group }}
{{#eq experience.user.experienceGroups.[0].name 'Kanarra Technologies'}}
{{#eq experience.user.userTags.role 'admin'}}
  <form action="/maintenance-intervals" method="POST" enctype="multipart/form-data">
    <div style="font-size: 16px; text-align:center;margin-bottom:15px;">
      Upload new maintenance intervals
    </div>
    <div>
      <div style="text-align:center;">
        <input type="file" name="maintenanceIntervals" id="maintenanceIntervals" accept=".csv">
      </div>
      <div style="text-align:center;margin-top:10px;">
        <button class="button">Upload</button>
      </div>
    </div>
  </form>
{{/eq}}
{{/eq}}

Using techniques in this tip, you can start to build out user roles in your Experiences today. We’ll be back with a tip next week! :slight_smile:

1 Like

Hi Taron, thank you for a good example. I am currently implementing a better user management in our instance and a few things are not clear to me, for example:

  1. Where to find a reference doc for Syntax of Losant Helpers available in custom pages. I mean #eq and #if etc

  2. What if I want to give an access to users who are part of a certain group, but there are a few groups they are members of? It results in 0-N array records on experience.user.experienceGroups.[index]. In other words, what if I don’t know the exact index of the group. Should I browser through all available groups?

  3. Could you correct my expression for the example described in 2), please?

    {{#eq experience.user.experienceGroups.[0].name ‘My Target Group’ || #eq experience.user.experienceGroups.[1].name ‘My Target Group’ #eq experience.user.experienceGroups.[2].name ‘My Target Group’ #eq experience.user.experienceGroups.[3].name ‘Target Group’ }}
    {{/eq}}

@Alexander_Kondrov,

  1. Yes, they are hard to find. It’s currently on our list for doc improvements. I’ll bump that up for you.
  1. & 3.

I don’t actually think you can nest helpers in a conditional like that. ( I’ll have to double-check the best way to do that. ). But, my best recommendation would be to move that logic into a workflow and pass it in as page data. You can do the logic in a Workflow and pass userShouldSeeSomething ( or something of the like) to your page. Then, you can reduce down to a simple #if:

{{#if userShouldSeeSomething}} Aweomse IoT Things {{/if}}

I recommend keeping the logic in your views super simple.

Taron,

Thank you for the advice to pass view rights stuff from the workflow. I haven’t think about it before receiving your hint. I will try to check it out.

1 Like

Taron,

In addition, I have a feedback on the syntax of your and Brandon’s example.
‘Kanarra Technologies’ - didn’t work for me
"Kanarra Technologies" - worked for me

1 Like