Roles & Capabilities

padams edited this page Jan 28, 2015 · 2 revisions

OWA provides developers with a built-in permission and authentication framework. Every OWA use is assigned a role. A role in turn provides the user wit ha collection of capabilities. Capabilities are mapped to controllers.

Logic is as follows:

  • User makes a request to "do" something.
  • OWA evaluates the "do" and creates the corresponding controller.
  • OWA checks the required capability of the controller
  • OWA checks the role of the user to see if it has the required capability
  • if the user possesses the necessary capability, then all proceeds
  • if not, the user is directed to the login page or an error page if already authenticated by a plugin


OWA implements a number of default roles that can be assigned to users. See roles for more information.

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.