Fetching user roles on client side

I’ve already followed the tutorial from @George on how to get user details. The problem is, I want the user roles created by the security provider and not the ones stored in the database. In other words, I need the roles which are also used in the security provider enforcer. Is there a way to get the role from the logged in user?

How are your roles organised, in user table or in a separate related table? I assume from your question users can have multiple roles?

The way I solved the multiple permission problem is the following:
Instead of using two databases, I’ve used only one where every user can have just one role. Admin, editor, publisher, user or guest. Admin has access to everything but I don’t want to create multiple conditions in the page. Instead, admin is assigned to every provider role via the permission conditions in the security provider:

Like that. I hope that makes sense :thinking:

You may like to view this as an alternative method. Two table approach to user security permissions

Funny, before I dared to open this topic, I’ve watched this video as well as other topics.

But unfortunately, this doesn’t solve my problem. Even though your approach gives the ability to assign multiple roles to users, it doesn’t change the fact that Wappler generates its own roles in the sec provider and uses them for the sec enforcer which, unfortunately, can only be applied to whole pages. So it’s kind of a double track: Wappler’s user roles, and the ones that are stored in the database itself. That is a shame. What I’d like to see is a security enforcer in the app structure itself to restrict access to certain components of the page and not just entire pages. It would already help if not only the identity was accessible on the server side, but also the role the logged in user has.


You can get the logged user details, including role, by filtering users query by the logged user id. This is already explained in the documentation: Getting Details of the Logged In User and Binding them to your page
You can then use conditional regions in app connect and show / hide them depending on user role.
Security enforcer is for protecting whole page only. Conditional regions used the way explained above should be used if you want to show/hide elements on your page.

No worries, I’ve crawled through the forum before posting this question. :wink:
The way I understand it, there are two kinds of roles:

A: These roles are being used by the security enforcer of the page.
B: These are the roles which are in the database itself.

As you can see, if a user has the role admin in the database, he automatically has all permissions in Wappler the way I set it up. If I filter the database itself, I don’t get the roles used in Wappler.

Is it even possible to assign one user to several Wappler permissions?
If yes, the advantage of this is, I don’t have to check twice if someone is editor OR admin. I just check the editor since admin also has editor.
Is it even INTENDED by the devs, to assign one user to several Wappler permissions?

I am not sure I understand what exactly you are asking…
If you want to protect the whole page - use the enforcer.
If you want to hide specific regions - get logged user details and use conditional regions.

I’d create a separate page for Administrators simply due to the nature of the role. Then use a little trickery to redirect to specific pages based on a User Group variable such as a session. We have tried to accommodate multiple roles into single pages and it soon gets messy in my opinion.

Ie, on successful sign-in pass to a redirect page that contains the re-directs based on the User Role (session value).

Something along the lines of (excuse the screen shot as can’t post code):

2018-10-31_18-38-15

In fact each navigation link could be directed to a re-direct page. That way if you ever want to change your navigation you only ever have to edit the re-direct page to do so…

Just a thought.

EDIT. You can discount the first line. I automatically do that for some reason, old habits (some bad ones too)…

:wink:

1 Like

That’s what that video I linked shows you how to do, 1 user, multi permission

1 Like

Ok I think we are living in different worlds right now which is ok, it can happen. And I don’t blame you as my explanations can become quite complicated. Sometimes an idea sticks in my head and since I hate compromises, I tend to miss the target.

I’m gonna think about this whole role model I’m using right now in my page as I agree with @Dave, it kinda gets messy. So either I’m gonna solve this in the database itself like @Hyperbytes explained in his video, or I’ll give Dave’s approach a shot which actually sounds quite interesting.
Anyways, thank you for your efforts!
I’m gonna post how I did it in the end.

1 Like

Yes, Dave’s use of sessions is an alternative although I suspect it would be possible to do exactly the same with the browser component.
His method is basically how it was done in the old Dreamweaver security provider.

1 Like

If it ain’t broke and all that! It works and saves any messing around. Easy to update and implement. All good.

:slight_smile:

This is exactly what security provider enforcer does…

1 Like

I like simple. It is all too easy to over-complicate things.

I promised you how I managed the user permission problem. Actually, it’s so simple I almost feel ashamed to have stolen your time for this matter.
All user roles stayed the same except admin which I’ve changed to “admin,editor,publisher” in the database. Also the condition in the sec provider has been changed to match the admin. The trick is, now I can use a “contain” condition rather than “equal” and show certain elements in the page depending if someone’s an editor/publisher or admin. By using contain, for the admin and editor/publisher both conditions are true.

I know for some of you this might be a bit stupid but really, that’s all I need. I have a very dynamic page and depending on the role different elements are being shown except the admin, who sees everything.

Take care! :slight_smile:

1 Like

Well you can always write a howto guide in our docs category so it’s clear for future users :slight_smile:

1 Like

Hm it’s kind of a cheeky approach so I’m not sure this fits in the clean Wappler documentation.
The next days will show how well this works, then I’d be glad to put something in the Howto.

3 Likes

@jowhiskey would be nice to see how you’ve done it. Cause I’m sitting at the same point and thinking about how to handle logins. Should I use two different logins, one for Admin and the other for: User, Editor, Publisher?

I don’t want to create a lot of different pages, as later I need to translate and manage them. So I guess I could do:

  • Admin Side: Advanced Dashboard, single language
  • User/Editor/Publisher Side: Own Dashboard , multilanguage

So I need to set up different dashboards. If I want to put them all together into one dashboard, my ServerActions and containing steps will get a bit messy. Of course as @George said it’s good to use Folders and Filenaming which follows the logic of Database side (CRUD). But maybe I could do it slim and light within the same dashboard and with Conditional Regions :thinking:. Any ideas guys?

The way I did it is described above. The trick is to put every additional permission a role has in the permission column, separated with something simple like a semicolon. In the conditional regions and the show conditions, you can use “contain” instead of “equal” now. For example:

Admin = “admin,editor,publisher,user”
Editor = “editor,publisher,user”
Publisher = “publisher,user”
User = “user”

So if you have a conditional region for publisher, like
userdetails.data.userdetails.contain("publisher"),
admin and editor also can view the content.

BUT, this does only work with appconnect since the serverside security provider doesn’t support “contain”. Also, I’m not quite sure if the security provider supports multiple roles for one user. In my case it was no problem since there are pages only the admin can see, and pages, all logged in users can see.
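
The role-list check described in the last post, written out as an added example (not code from the thread or from Wappler). It assumes a "contain" condition is a plain substring test on the stored string, and compares that with matching whole role names. The `publisher-trainee` role and the `authorize` helper are hypothetical, and the permission strings are constructed from the ones in the post. Conditional regions only hide markup in the browser, so the same check belongs in the server action that returns the data.

```javascript
// Constructed sample values modelled on the permission strings in the post above.
const PERMISSIONS = {
  admin: "admin,editor,publisher,user",
  editor: "editor,publisher,user",
  publisher: "publisher,user",
  user: "user",
  // Hypothetical extra role, added to show where substring matching goes wrong.
  "publisher-trainee": "publisher-trainee,user",
};

// Assumption: a "contain" condition behaves like a substring test on the raw string.
function containsRole(permissionString, role) {
  return String(permissionString || "").includes(role);
}

// Token check: split on comma or semicolon, trim, and compare whole role names.
function parseRoles(permissionString) {
  return new Set(
    String(permissionString || "")
      .split(/[,;]/)
      .map((r) => r.trim().toLowerCase())
      .filter((r) => r.length > 0)
  );
}

function hasRole(permissionString, role) {
  return parseRoles(permissionString).has(role.trim().toLowerCase());
}

// Hypothetical server-side gate: decide from the stored permission string,
// never from a role value sent by the browser.
function authorize(storedPermissionString, requiredRole) {
  return hasRole(storedPermissionString, requiredRole)
    ? { allowed: true, status: 200 }
    : { allowed: false, status: 403 };
}

function demo() {
  return Object.entries(PERMISSIONS).map(([name, perms]) => ({
    role: name,
    substring: containsRole(perms, "publisher"),
    token: hasRole(perms, "publisher"),
  }));
}

console.table(demo());
```

The two columns differ only for `publisher-trainee`, where the substring test grants publisher content to a role that was never given it.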