Wolfram Function Repository

Instant-use add-on functions for the Wolfram Language

Function Repository Resource:

DeployPermissionsGroupManager

Source Notebook

Create a web-based interface for editing PermissionsGroup members

Contributed by: Jon McLoone

ResourceFunction["DeployPermissionsGroupManager"][]

deploys a CloudObject containing an interface for editing PermissionsGroup values.

ResourceFunction["DeployPermissionsGroupManager"][object]

deploys the interface to the CloudObject given by object.

Details and Options

The interface is available only in the Wolfram Cloud or Wolfram Enterprise Private Cloud.
You can allow other people to manage your permissions groups by deploying to a CloudObject with additional permissions.
You can limit the power of these authorized administrators using the following options:
"AllowAddGroup"Truewhether the form will allow the user to add new groups
"AllowDeleteGroup"Truewhether the form will allow the user to delete groups
"EditableGroups"Automatica list of groups that the form can manage
"ChangeAction"Nonea function to apply when any changes are made to permissions groups
"EditableGroups" can include permissions groups owned by another user, as long as the deploying user has read and write permissions for those PermissionsGroup cloud objects. "EditableGroups"Automatic will give access to all current groups owned by the deployer. If a list of permissions groups is given, only those can be edited, even if "AllowAddGroup"True.

Examples

Basic Examples (6) 

Deploy the interface to the default location:

In[1]:=
ResourceFunction[ "DeployPermissionsGroupManager", ResourceSystemBase -> "https://www.wolframcloud.com/obj/resourcesystem/api/1.0"][]
Out[1]=

The interface allows you to create new PermissionsGroup objects:

Available groups are listed in the interface:

The members of the group can be viewed:

You can add and remove members:

The interface modifies standard PermissionsGroup objects, which are also accessible programmatically:

In[2]:=
groups = PermissionsGroups[]
Out[2]=
In[3]:=
groups[[1]]["Members"]
Out[3]=

Scope (2) 

Create the interface on a different CloudObject address:

In[4]:=
ResourceFunction[ "DeployPermissionsGroupManager", ResourceSystemBase -> "https://www.wolframcloud.com/obj/resourcesystem/api/1.0"][CloudObject["alternateLocation"]]
Out[3]=

Create a form that can only modify users of a specified group but cannot create new groups or edit other groups:

In[5]:=
CreatePermissionsGroup["managersOfThisForm"]; ResourceFunction[ "DeployPermissionsGroupManager", ResourceSystemBase -> "https://www.wolframcloud.com/obj/resourcesystem/api/1.0"][ CloudObject["sharedForm", Permissions -> {PermissionsGroup["managersOfThisForm"] -> "Execute"}], "AllowAddGroup" -> False, "AllowDeleteGroup" -> False, "EditableGroups" -> {PermissionsGroup["managersOfThisForm"]}]
Out[5]=

Options (4) 

"EditableGroups" controls which groups the users of the form can edit:

In[6]:=
ResourceFunction[ "DeployPermissionsGroupManager", ResourceSystemBase -> "https://www.wolframcloud.com/obj/resourcesystem/api/1.0"][ CloudObject["sharedForm", Permissions -> {PermissionsGroup["managersOfThisForm"] -> "Execute"}], "EditableGroups" -> {PermissionsGroup["managersOfThisForm"]}]
Out[6]=

"AllowAddGroup" controls whether users of the form can create new permissions groups through the form:

In[7]:=
ResourceFunction[ "DeployPermissionsGroupManager", ResourceSystemBase -> "https://www.wolframcloud.com/obj/resourcesystem/api/1.0"][ CloudObject["sharedForm", Permissions -> {PermissionsGroup["managersOfThisForm"] -> "Execute"}], "AllowAddGroup" -> False, "EditableGroups" -> {PermissionsGroup["managersOfThisForm"]}]
Out[7]=

"AllowDeleteGroup" controls whether users of the form can delete entire permissions groups through the form:

In[8]:=
ResourceFunction[ "DeployPermissionsGroupManager", ResourceSystemBase -> "https://www.wolframcloud.com/obj/resourcesystem/api/1.0"][ CloudObject["sharedForm", Permissions -> {PermissionsGroup["managersOfThisForm"] -> "Execute"}], "AllowDeleteGroup" -> False, "EditableGroups" -> {PermissionsGroup["managersOfThisForm"]}]
Out[8]=

Users of the form can still use Edit members to remove any or all of the members of the group:

"ChangeAction" allows you to provide a side-effect function to be applied whenever someone uses the interface to make a change. The function should accept an Association with the keys "PermissionsGroup", "User" and "Action", where "Action" will be one of "AddUser" "RemoveUser", "AddGroup" or "RemoveGroup". Send an email every time someone makes a change:

In[9]:=
ResourceFunction[ "DeployPermissionsGroupManager", ResourceSystemBase -> "https://www.wolframcloud.com/obj/resourcesystem/api/1.0"][ "ChangeAction" -> (SendMail[ TemplateApply[ "`Action` was performed on permissions group `PermissionsGroup` and user `User`.", #]] &)]
Out[9]=

Publisher

Jon McLoone

Version History

  • 3.1.1 – 03 April 2024
  • 3.1.0 – 02 August 2023
  • 3.0.2 – 28 October 2022
  • 3.0.1 – 30 August 2022
  • 3.0.0 – 10 November 2020
  • 2.0.0 – 20 October 2020
  • 1.0.0 – 04 March 2020

Related Resources

License Information