Static Actions
What Are Static Actions?
Static Actions are permission-based controls implemented directly within the application code.
With Static Actions, the application retrieves user permissions using the Visual Guard API, and then enables or disables features accordingly.
For example:
If the user has the permission “Can_Read_Invoice”, then the application enables the button “View_Invoice”.
How Static Actions Work
Static Actions follow a structured flow:
- The user logs into the application.
- The application authenticates the user via Visual Guard.
- The application calls the Visual Guard API to retrieve user permissions.
- The code evaluates specific permissions.
- Features are enabled, disabled, or restricted based on those permissions.
Static Actions vs Dynamic Actions
| Feature | Static Actions | Dynamic Actions |
|---|---|---|
| Implemented In | Application code | Visual Guard configuration |
| Code Changes Required | Yes | No |
| Runtime Enforcement | Controlled by code | Automatically applied |
| Flexibility | Moderate | High |
| Maintenance Effort | Higher | Lower |
Key Benefits of Static Actions
🔐 Full Developer Control
Static Actions allow developers to explicitly control how permissions impact application behavior.
This is particularly useful for complex business logic that cannot be handled purely through UI-level property changes.
⚙️ Fine-Grained Feature Management
Developers can apply permissions to:
- Business logic
- Data processing rules
- Transaction workflows
- API calls
- Backend validations
This ensures that security is enforced beyond the user interface.
🛠 Custom Logic Integration
Static Actions enable integration of permissions into advanced scenarios such as:
- Conditional workflows
- Multi-step validations
- Data-level restrictions
- Transaction approval chains
This makes them ideal for enterprise-grade applications with complex rules.
📈 Stronger Backend Enforcement
While Dynamic Actions primarily affect UI elements, Static Actions can enforce restrictions at the core logic level.
Even if a user bypasses the UI, the backend logic still validates permissions.
This significantly strengthens overall application security.
Best Practices for Implementing Static Actions
To ensure secure and maintainable implementation:
- Always validate permissions server-side.
- Avoid relying only on UI visibility.
- Use clear permission naming conventions (e.g.,
Can_Create_Invoice,Can_Edit_User). - Centralize permission checks where possible.
- Combine Static and Dynamic Actions for layered security.