For securing the Mendix Client from malicious commit actions of entities.
Use this module if to prevent that the requests from the Mendix client to the runtime are executed to commit objects and bypass nanoflow/microflow validations and checks.
Features
- Uses a global before commit event handler for validating commits of object - instead of having to create entity specific before commit event handlers.
- Toolbox actions to allow commits of objects or lists of objects. Alternatively, manually set the boolean in a change object action.
Limitation
- This will not work for microflows that have
Apply entity accessset toYesdue to the fact that access rights that are set to none.
- v1.0.0 for MX 8.18.25 or higher and Mendix 9
- v2.0.0 for Mendix 10.1.1 or higher
Download the module and add it to your project.
1. Constant value
- Set the constant
MemberNameAllowCommitto the value that you will use in your project. The name of the attribute to allow commits e.g._isCommitAllowed. Set the value in your project configuration and cloud deployment environment.
2. After Startup
- Add the microflow
AfterStartUpof the moduleClientSecurityAddonto your applications after startup microflow
3. Domain model - To secure an entity
- Add a boolean member with the value of this constant value e.g.
_isCommitAllowed - Specifiy no access rights on this member for any module role.
4. Microflows - To allow commits in a microflow
-
One object: Select or drag and drop the
Object allow commitactivity in your microflow and pass the object that you want to allow a commit for as the parameter to this activity. -
List of objects: Select or drag and drop the
List allow commitactivity in your microflow and pass the object that you want to allow a commit for as the parameter to this activity. -
Alternatively: In a
Create object/Change objectactivity in your microflow set the member value totrue.