In Version 4.1, the authorization plug-in was introduced. The advantages of plug-ins are mostly reusability and declarative setup. To demonstrate the use of an authorization plug-in, we will create a page and a tab that will only be displayed when the logged user has the correct privilege, that is
ADMIN. This privilege is stored in the
APP_USERS table. When the user logs in and he or she has no correct privilege (
ADMIN), the tab will not be displayed. On top of that, when the user tries to access that page by modifying the URL (with the concerned page number), an error message will be displayed.
Make sure you have access to an existing application and the
APP_USERS table and the
APP_COUNTRIES table. ...