App Studio
Permissions Audit
The Permissions Audit view in App Studio Designer shows the effective access configuration for any user in an app — which pages they can see, which widgets are visible, and which visibility expressions evaluated to true for their role set. Use it to troubleshoot access issues without requiring the user to be present.
Accessing the Permissions Audit
1. Open the app in App Studio Designer (admin or designer role required)
2. Click the Audit tab in the left toolbar (shield icon)
3. In the Simulate User panel, enter a userId or select from the list
4. The audit view loads the user's Passport roles and evaluates all visibility rules
5. The results show which pages and widgets are visible, hidden, or blocked for that user
Audit Report: What It Shows
| Section | Content |
|---|---|
| App Access | Whether the user can enter the app (pass/fail with their roles vs. allowedRoles) |
| Pages | Each AppPage: visible / hidden, the requiredRoles, the user's matching roles |
| Widgets | Each widget on each page: visible / hidden, the visibility rule, evaluation result |
| Expressions | For each visibilityExpression: the expression text, evaluated value (true/false), and any errors |
| User Context | The user's full context object as resolved from Passport: userId, tenantId, roles, claims |
Using the State Inspector for Real-Time Role Preview
The State Inspector in the canvas allows you to override the context object interactively and see the canvas re-render with those simulated roles. This is faster than the formal audit for quick checks:
```jsonc
// State Inspector — context override for preview
// Open State Inspector → Context tab → Edit JSON
{
  "context": {
    "userId": "user-preview",
    "tenantId": "acme",
    "roles": ["viewer"],
    "displayName": "Viewer Preview"
  }
}
// Canvas re-renders with these roles
// Visible widgets = what the viewer role sees
// Hidden widgets = shown with a dashed outline in designer mode
```
App Design Audit Checklist
Before publishing an app, run through this permission audit checklist:
- Simulate each expected role (admin, manager, sales, viewer, etc.) and verify the page list looks correct
- Check that admin-only pages are not accessible to non-admin roles via direct URL
- Verify that delete/destructive action buttons are hidden from viewer roles
- Confirm that sensitive columns (salary, revenue, PII) are not visible to general user roles
- Test that `visibilityExpression` fields using `row.*` don't error when the row is null (e.g., on page load before data arrives)
- Verify that the app returns 403 (not a broken UI) for unauthorized users by testing with a user who has no matching role
Audit is read-only
The Permissions Audit view does not modify any settings. It only reads the current app configuration and the selected user's Passport roles, then evaluates all visibility rules against them. No data is written.
Troubleshooting Common Visibility Issues
| Symptom | Likely cause | Fix |
|---|---|---|
| Widget always hidden regardless of role | visibilityExpression throws an error (fail-closed) | Check State Inspector Expressions tab for evaluation errors; fix null guards |
| Page not showing in sidebar for correct role | requiredRoles typo or case mismatch | Compare exact role string in Passport vs. requiredRoles config |
| User sees a page but gets empty data | Data service filter too strict; or context.userId not passed correctly | Check data source params; verify context tokens in widget config |
| Admin sees the same as viewer | visibilityExpression references wrong context property | Use context.roles (array), not context.role (undefined) |
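
The fail-closed, null-guard, case-mismatch and `context.roles` rows of the table above, modelled as an added example (this is not App Studio code). It assumes expressions are JavaScript-like and that role matching is exact and case-sensitive; `matchRoles`, `evaluateExpression` and `auditWidgets` are hypothetical names.

```javascript
// Added example, not App Studio code. Assumes JavaScript-like expressions,
// exact case-sensitive role matching, and fail-closed handling of errors.

// Page-level check: which of the user's roles satisfy requiredRoles?
function matchRoles(userRoles, requiredRoles) {
  const matching = requiredRoles.filter((r) => userRoles.includes(r));
  return { visible: matching.length > 0, matching };
}

// Widget-level check: evaluate one expression; any error hides the widget.
function evaluateExpression(text, context, row) {
  try {
    // new Function is applied only to the constructed strings below.
    const fn = new Function("context", "row", `"use strict"; return (${text});`);
    return { text, value: fn(context, row) === true, error: null };
  } catch (err) {
    return { text, value: false, error: err.message };
  }
}

// Produce one report row per widget, like the Expressions section.
function auditWidgets(context, widgets, row = null) {
  return widgets.map((w) => ({
    id: w.id,
    ...evaluateExpression(w.visibilityExpression, context, row),
  }));
}

// Constructed sample configuration and user context.
const widgets = [
  { id: "deleteBtn", visibilityExpression: 'context.roles.includes("admin")' },
  { id: "wrongProp", visibilityExpression: 'context.role === "admin"' },
  { id: "unguarded", visibilityExpression: "row.ownerId === context.userId" },
  { id: "guarded", visibilityExpression: "row != null && row.ownerId === context.userId" },
];
const admin = { userId: "user-preview", tenantId: "acme", roles: ["admin"] };

// Before data arrives (row is null), then after a row has loaded.
console.table(auditWidgets(admin, widgets, null));
console.table(auditWidgets(admin, widgets, { ownerId: "user-preview" }));
console.log(matchRoles(["Admin"], ["admin"])); // case mismatch: no match
```

In the first table `wrongProp` is hidden with no error recorded, while `unguarded` is hidden with one, so only the second shows up as an evaluation error.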