WP Data AccessApp Builder

Appearance

🚀 Rapid Application Development with the App Builder

Client-Side

App authorization is managed in the App Manager under Access > Authorize Roles & Users and applies to both back-end and front-end usage. You can dynamically grant or revoke permissions. However, any permissions that exceed the app’s configured limits will still be blocked by the server.

Client-Side Permission Control with Hooks

Client-side functions let you grant or revoke permissions dynamically. However, if permissions are granted that go beyond the app’s configured settings, the server will block the corresponding actions.

📌 For example, if delete actions are disabled in the app, calling app.setDelete(true) will show the delete option in the UI, but the server will still block deletion.

Available Client-Side Permission Functions

js
app.getUsername()
app.userHasRole(role)
app.setGlobalSearch(boolean)
app.setColumnFilters(boolean)
app.setInsert(boolean)
app.setUpdate(boolean)
app.setDelete(boolean)
app.setInlineEditing({ [columnName]: boolean })
app.setBulkActions({ [bulkActions]: boolean })

✨ Example onAppOpen Hook

js
if (!app.userHasRole("manager")) {
    app.setGlobalSearch(false)
    app.setColumnFilters(false)
    app.setInsert(false)
    app.setUpdate(false)
    app.setDelete(false)
    app.setInlineEditing({
        "email": false,
        "first_name": true,
        "last_name": true,
    })
    app.setBulkActions({
        "pdf": true,
        "xml": false,
        "delete": false,
    })
}

Other Examples

Notes

  • The preferred hook for permission control is the onAppOpen hook (available in Table Builder > Hooks). Use the postQuery hook for related detail tables.
  • Permission control functions are not available in the global hook.
  • Do not call any app.set* functions during rendering, as this can cause an infinite loop.