Indicates the prefix to be used when generating permissions automatically for the Application to which the object belongs.
Objects: Transaction, Business Component, Procedure, Data Provider, Web Panel, Web Component, Work With, Dashboard, Query, API
Generators: .NET, .NET Framework, Android, Apple, Java
This property is valid in applications where Authorization is going to be checked automatically using GAM. That is to say, the Enable Integrated Security property is set to "True", and the Integrated Security Level property is set to "Authorization".
The property's default value is the name of the object. You can replace it with any string that follows the syntax for GeneXus object names.
It is available at object level in these particular cases:
In the case of Transactions, a set of permissions is created in the GAM Repository. They are named as follows:
The "<prefix>_FullControl" permission groups all permissions: See Full Control Permissions for details.
The "<prefix>_Execute" permission enables you to display the data of the Transaction (display mode).
The other permissions execute an action over the Transaction (Insert, Update, or Delete).
In the case of Business Components exposed as a service, the following permissions are created in the GAM Repository:
- <prefix>_Services_Execute (reads the data, which implies a GET HTTP over the REST service).
- <prefix>_Services_Insert (implies a PUT HTTP over the REST service).
- <prefix>_Services_Update (implies a POST HTTP over the REST service).
- <prefix>_Services_Delete (implies a DELETE HTTP over the REST service).
In the case of Web Panels, Query, and Dashboard objects, the following permission is created in the GAM Repository:
In the case of APIs, the following permissions are created in the GAM Repository:
Note: The permissions of the API object methods can be redefined with the SecurityPermission annotation.
This property can also be used to group different objects so that all the objects that have the same prefix (i.e. "xxx") will have the same permission names in the GAM Repository (xxx_insert , xxx_update, etc.). Thus, the roles to which the xxx_insert , xxx_update permissions are assigned will be able to execute all the objects with the Permission Prefix property = "xxx".
At runtime, these permissions will be checked automatically when the objects are executed.
This property applies only at design time.
No action is required to apply the corresponding changes when the property value is configured.
GAM - Automatic Permissions generated by GeneXus
GAM - Permissions Created by the User
Integrated Security Level property
Not Authorized Object for Web property
GAM - Permissions
GAM - Authorization Scenarios
HowTo: Define an API object with a security scheme