Troubleshooting RBAC

Overview

You've learned about the different levels of RBAC (role-based access control). You can easily set up RBAC for your environment, modules, and components. Now that you know how to customize your RBAC settings, let's go over how you can test or troubleshoot them. You'll do this using the Express Preview Bar in Express View.

When might you want to test your RBAC?

  • You changed permissions and want to make sure the user experience is correct for each role.

  • Your end-user complains that they can't view a page they should have access to.

  • Your module has sensitive information that only certain roles should see.

Let's get started.

What You'll Learn

In this article, you’ll learn:

Testing RBAC in Express View

RBAC lets you adjust permissions for different parts of your application. Maybe you want your managers to have access to one module, but not another. Perhaps your graphic design team needs access to a dashboard. But, you don't want them to see the rest of the components in the module. As you've learned, customizing your RBAC settings is easy. Once you've set up your RBAC settings, it's important to test what the user experience will be like for each role.

Each non-production environment has a corresponding Express side or Express View. You'll access this view by previewing your module. (You can preview your module by clicking the Preview button in the Module Builder.) Express View shows the user interface of your application. In Express View, there's an Express Preview Bar at the top of the page. You can use the bar's Preview As drop-down to see your application from different user roles.

To change the user role in Express View:

1. Preview your module. You'll see the Express Preview Bar at the top of the page.
2. Choose a role from the Preview As drop-down. Express View updates, showing the module through the chosen role's view.

The Preview As drop-down defaults to the Administrator role, which has full access. Through this role's eyes, you can see and interact with every component in your module. As you change Preview as roles, the Express View should only reflect what you want that role to have access to.

What happens if a role's Express View experience doesn't match the expected behavior? What if some of your end-users wouldn't see a component they need access to? This tells you that there's an issue in your RBAC settings. Go through and check your RBAC settings at the component-level, module-level, and environment-level. Then, head over to Express View to preview your module again through that role.

If you can't see the Express Preview Bar, check if it's disabled in your environment. You can enable the Express Preview Bar under Environment Administration. Or, for another approach to testing RBAC, check out the next section.

Testing RBAC Settings with a Test User Account

Another way to test how a role will see your application is to create a test user account. To create a test user account in Unqork, you'll need a unique email address. If you have a Gmail or Outlook account, this is easy. Enter your email address, then add a plus sign (+) and a random word or number before the @ sign. For example, let's say your email address is nocodeisfun@unqork.com. You could enter nocodeisfun+test@unqork.com. Now you have a unique email address you can use to set up your test account. Any emails sent to this alias address will actually send to your main account instead.

With your test account set up, you're ready to give it an Unqork role in your administration settings. Now you can log in to Unqork as your test user and move through your module as a particular role. You'll only see what a user with that role would see. You can create as many test accounts as you need if your application has many roles!