Hi all,
We have setup deeplink in our application and we are using it to embed URLs links in emails that we send from our application. Only signed in users can access the deeplink (this is working correctly). We have two user roles "AA" and "BB" in our application.
The deeplink microflow retrieves an object from DB (both user roles have access to this object) and then passes it to a show Page action (only user "AA" is allowed to see this page). Entity Access is set to yes for this microflow.
- When logged in as user "AA": everything works fine, the link works the user sees the page with all the information.
- When logged in as user "BB": I would expect that the user would not be allowed to see the page because the user role is not allowed access to it. Instead I can see the page just fine.
Am I doing something wrong? Is this the expected behaviour for deeplinks? Any suggestions on how I can show a message saying "Sorry user BB but you are not allowed access to this page for security reasons", based on the page security settings?
Modeler version 6.5.1; Deeplink version 4.3
Thanks,
Andrej