Current state:
Our company (Prague Airport) has a complex AGE deployment. We are maintaining multiple web apps containing web maps and map services. In each of the apps a different agenda is being managed, and the data is accessed/viewed/edited by users in user groups with specific privileges.
It is very difficult and time consuming to maintain these apps and keep them up-to-date. If we need to make a simple change, we need to update each of the apps one by one. Imagine the amount of work when we currently manage 12+ applications.
Idea:
We would appreciate having an environment where the data governance was simplified.
We suggest a solution to use a single service, a single map and a single app – with settings similar to security proxy, that ensure the users see only items specific to their user group.
This solution could be applied on:
- Layers: A map with multiple layers where each user could only see a subset of them.
- Fields and domains within a service: A particular user (or the public) could only see a subset of fields.
- Applications: A security proxy could control capabilities based on user groups. For example, to prevent users who manage power line data from seeing and editing waterpipes.
- Widgets in apps: It would be great if the security configuration could allow the app to enable/disable widgets dynamically on load.
This approach would make item and data management more flexible, efficient and easier to maintain.
Can you please consider changing the security model as described?
@VHolubec @RomanJanecek @JanDlouhy
