- How does the user groupware work?
- User level
- Supervisor level
- Implementing the user groupware
- Adding the user groupware to an application
- User groupware options (standard and BaaS mode)
- Options specific to the standard user groupware
- Options specific to the BaaS user groupware
- Testing the application (Standard User Groupware)
- Creating the WINDEV executable
- Installing an application that uses the standard user groupware
- Configuring the application that uses the standard user groupware
- Managing users
- Managing rights
- Displaying statistics
- Migrating data
- Tips for an application that uses the user groupware
- Using groups of controls
- Visibility of controls
- Defining rights
5. User groupware in practice
An application must define the role of different contributors. Several access levels can be defined according to the user.
All users have different responsibilities and requirements. Their field of action must therefore be more or less limited.
Let's take a simple example: a sales management application that offers the following features:
- View prices,
- Modify prices,
- Enter orders,
- Entering customers.
Access may vary according to the user. For example:
- administrative assistants can see the price list and create orders.
- sales representatives can see the price list, place orders and create new customers.
- sales directors have access to all options.
To manage these access levels in your WINDEV applications, simply integrate the user groupware. In just a few clicks, a standard application can be transformed into an application that manages several access levels. This feature can be easily implemented.
When starting the application, the manager will be able to create users (identified by their username and password) and give them access to some application features.
How does the user groupware work?
An application that uses the user groupware has two levels:
- user level.
- supervisor level.
The user logs in to the application and accesses the available features.
Remark: You can also log in using an LDAP directory.
The supervisor logs in to the application and accesses an advanced menu to configure users and their rights, or to start the application.
The configuration window allows the supervisor to:
- start the application.
- configure the groupware.
Configuring the groupware consists in creating and associating users and groups, and managing the rights granted to each user (or group) on each window of the application. Rights can be defined for menu options, groups of controls and controls. The supervisor can gray out these elements, make them inactive or invisible. These configurations have priority over any configuration defined in the program.
Remark: The information regarding the users and their rights is stored in data files in HFSQL format (Classic or Client/Server).
Implementing the user groupware
Adding the user groupware to an application
To implement the user groupware in a WINDEV application, a single option is required: on the "Project" pane, in the "Project" group, click "User groupware".
The user groupware settings window allows you to define:
- The type and start mode of the user groupware.
- The type of customization.
- The type of database and the location of the user groupware data files (Standard User Groupware).
- The user authentication mode (Standard User Groupware).
- The use of a specific connection service (Standard User Groupware).
- The BaaS mode settings.
User groupware type and start mode
The user groupware integrated in a WINDEV application can be a:
- Standard User Groupware: This option allows you to integrate the user groupware into your application. This user groupware will be associated only to your application, and the rights will be defined from the application.
- BaaS (Backend as a Service) User Groupware: This option allows the use of a BaaS (Backend as a Service) user groupware with rights management via a server. In this case, an HFSQL Server and a WDBaaS dedicated sever must be installed.
Note: You can also choose the user groupware of previous versions kept for compatibility.
Options may vary according to the type of user groupware selected.
Starting the user groupware
Two modes can be used to start the user groupware:
- Automatic start: The user groupware login window is started before any other window of the application. The project initialization code is executed once the login window is opened and validated.
- Manual start (by programming): The login window will only be opened if gpwOpen is used. This option can be used to execute the project initialization code before opening the login window. This makes it possible, for example, to display a window requesting the language in which the application must be run.
User groupware options (standard and BaaS mode)
There are multiple user groupware customization modes:
- No customization: the entire programming of the user groupware is automatically included in your application. No customization can be done. The project skin template is automatically applied to all windows used by the user groupware.
This integration mode automatically follows future changes in the user groupware.
- Customize login UI (log in, register): the entire programming of the user groupware is automatically included in your application. The login UI can be modified. The corresponding window is added to your application. You can customize this window.
This integration mode automatically follows future changes in the user groupware.
- Full customization (only in Standard User Groupware mode): the entire programming of the user groupware is automatically included in your application via an internal component. All the windows required to manage the user groupware (login and user management) are automatically added to your project. This allows you to customize all the windows used by the user groupware.
See the online help to learn more about the different windows of the user groupware.
The option "Apply project skin template to non-customized windows at runtime" applies the skin template of your project to the windows specific to the user groupware if they have not been customized.
The option "Prevent reports and queries in the application from being edited in 'Reports & Queries'" allows you to directly prevent users from editing reports and queries in the Reports & Queries tool. If this option is not checked, you must define the rights for every report and query available.
The option "Automatic login for test mode" allows you to specify the username and password to be used in the "Automatic test" mode. This information will be used if an automatic test is run on the application.
The "Options" tab also allows you to define options for the data files. In "Standard User Groupware" mode, the user groupware uses several specific data files. These data files are mainly used to manage users, groups, rights and elements in the application. The standard user groupware can be used:
- with HFSQL Classic data files. In this case, you can specify the location of the data files via the "Standard" tab.
- with HFSQL Client/Server data files. In this case, the "Standard" tab allows you to define the parameters for accessing the HFSQL Client/Server database as well as the file directory.
- data files are in English. To use data in French, simply check "Data files in French".
- user groupware data files have a specific password. This password is: "PCSGPW2001".
To change this password, enter the new password in the "Options" tab of the user groupware description window. Characters are shown as bullets.
Remark: This password is used when re-indexing or opening data files with WDMAP for example.
See the online help for more details.
Options specific to the standard user groupware
The standard user groupware includes several user authentication modes:
- Authentication managed by the WINDEV user groupware.
- Authentication from an LDAP directory.
- Windows authentication.
These options appear in the "Standard" tab of the user groupware description window:
- Authentication entirely managed by the user groupware:
The username and password are saved in the user groupware data files.
- Authentication from an LDAP directory or Active Directory:
If the company of your customer uses an LDAP directory, you can enable the user groupware on this directory. Simply click the link "Click here to enter the server parameters" to specify the characteristics of the LDAP directory (server, port, base DN, etc.). Therefore, the account and the password in the LDAP directory will be automatically requested to the user. For more details, see the online help.
- Windows authentication:
In this case, the username and password correspond to those defined for Windows.
Remark: You can also use a unique authentication. In this case, the username and password will be requested only once per session.
Depending on the option chosen, additional options may be available:
- Login window only (no management of rights): This option is only available for LDAP and Windows authentication. If this option is checked, no groupware data file will be created. If the application is started in automatic mode, the user will need to log in. If the user is saved in the LDAP directory, the application will start; otherwise, it will be closed. A supervisor cannot configure the rights on the windows. If this option is not checked, only the users in the LDAP directory will be able to log in. You can set the rights on the windows.
- Single authentication (SSO): This option allows you to enter the password only once per Windows session.
The "OAuth" tab allows you to authorize the use of a specific connection service. For the specified service, it is necessary to specify the corresponding identifiers (provided when registering the application with the selected service).
Options specific to the BaaS user groupware
When using a BaaS user groupware, the "BaaS" and "Email" tabs allow defining specific options.
The BaaS tab allows you to define:
- the location of the user groupware application server. You can select a PCSCloud platform or a Network or Internet server,
- the type of deployment.
The "Email" tab allows you to specify the parameters of the email server and to write the messages for registration confirmation or password recovery.
Testing the application (Standard User Groupware)
When an application that uses the standard user groupware is tested, the first window that appears is the login window (regardless of the first window defined in your application).
A single user is created by default: the supervisor. To log in as supervisor, simply enter the following information in the login window:
- Name: SUPERVISOR
- Password: SUPERVISOR
You can test your application, or configure the user groupware.
- To set a first window other than the login window in your application, select "Manual start (by programming)" in the "General" tab of the user groupware options. Simply use gpwOpen to open the login window.
- The user groupware management windows are executed before the project initialization code.
- The window of your application defined in the project will be opened after the login window (if the user is not the supervisor).
- In the "Options" tab of the user groupware configuration window, you can define the username and password to be used for the test mode. The password will no longer be requested when you click GO to test the window or project.
Creating the WINDEV executable
When creating an executable that uses the standard user groupware ("Generate" option on the "Project" pane), the wizard will show a screen specific to the standard user groupware.
This allows you to define the location of the user groupware data files.
Installing an application that uses the standard user groupware
An application that uses the user groupware is installed like any other application: on the "Project" pane, in the "Generation" group, click "Setup procedure".
The wizard proposes a screen specific to the standard user groupware to set the location of user groupware data files.
- If the user groupware data files have been configured for your client, they must be selected when preparing the setup. Therefore, the list of setup files must be customized.
- If the groupware data files have not been configured, the Supervisor will be the only user in the application the first time it is started.
Tip: If you do not configure the different user groupware use levels for your clients, we recommend that you provide them with a document listing all the controls used in your windows in order to get an optimized configuration.
Configuring the application that uses the standard user groupware
When the application is deployed, the standard user groupware is configured by the application supervisor.
This configuration consists in creating users and groups of users, and granting them specific rights for each control in each window of the application. These rights are used to gray controls, groups of controls or menu options, and to make them visible or invisible.
To configure the standard user groupware, simply:
- Start the application (executable or test from WINDEV) and log in as supervisor:
- Name: supervisor
- Password: supervisor
- Select "Configure groupware".
- The user groupware management window appears. This window is used to:
- manage users and groups,
- manage rights,
- display statistics,
- migrate data coming from a user groupware version 17 and earlier.
The user management consists in:
- creating users,
- creating groups,
- associating users with groups.
To create a new user, you must specify:
- the user's last name.
- the user's first name.
- the username (mandatory). This username is the identifier used to log in to the application.
- the user's password. This password is optional and can be entered by the user the first time they log in (check the corresponding option).
The user can be defined as supervisor of the application.
You can also modify or delete users. When you delete a user, you can delete the entire user or their rights only.
Users can be grouped.
To associate a user with a group, simply drag the user and drop it onto the selected group.
A user can be associated with several groups.
- It is recommended to change the supervisor's password the first time you use the application.
- If you use an LDAP directory, you can import the users form the directory to manage their rights.
The supervisor can manage the rights granted to each user (or group of users) on the elements of the project windows.
A specific state can be defined for all the elements of a window associated with a user.
The elements in the windows, internal windows and window templates are as follows:
- groups of controls.
- menu options.
The following states are available for each element:
- Default: the element behavior corresponds to the default behavior, defined in the application.
- Inactive: the element is displayed but no input can be performed.
- Grayed: the element is grayed. No input can be performed.
- Invisible: the element is not displayed.
You can get application usage statistics by user for a specific period.
From version 18, the user groupware has been optimized. The data files used by the user groupware have changed.
The user groupware administrator can migrate the existing data to the new format and therefore automatically retrieve the data used in the earlier versions. This migration can be performed regardless of the data format: HFSQL Classic, HFSQL Client/Server or Native Connector.
Tips for an application that uses the user groupware
Using groups of controls
To simplify the configuration of the groupware management according to the users, it is recommended to use groups of controls.
You can create groups of controls in your windows according to the controls to be displayed for a specific user.
The ability to associate a control with several groups of controls increases the number of possible combinations.
These groups of controls can be created in your application for managing the groupware, no specific programming is required.
Visibility of controls
When developing your application, you can define the visibility options of the elements in your windows:
- in the element description (7-tab window).
- by programming (State or Visible properties).
When configuring the user groupware, the supervisor can define different visibility options. The options defined by the supervisor have priority.
For example, a button is used to make a control active. This control was grayed by the supervisor. Your code will be ignored and the control will not be active.
To define the rights corresponding to the features of your application, it is recommended to:
- set the rights according to the application user's requirements before creating the setup procedure. Simply add the groupware data files when you create the application setup.
- provide a technical documentation that includes the names of controls, groups of controls and options that must be configured according to the usage level defined for the application.
Click [Add] to post a comment