Recently we identified that one of the developers is able to use the System "Login" action and is using it to get into the environment even as an administrator and is able to access critical components like Users and other applications as admin.
He had done this without any wrong intentions but we from the COE Team here in Schneider feel it can be misused.
Hence we suggest to somehow hide this action from end developers to even see it.
I have raised a support ticket for this. CaseId=2035898
Some Excerpts:
"It will not be possible to go through every warnings or open applications to check if developers are misusing this feature. And above this we from the platform COE will be able to check this when the application is moving from Dev/QA to higher environments like Pre-Prod and Production. We will not validate “on a daily basis” what the developers are doing in the lower environments like Dev and QA.
It is important to understand the Schneider landscape how we use OutSystems. We are from the Platform COE here in Schneider and we are well versed with the platform. But there are many regional teams who are novice in OutSystems and may unknowingly cause mistakes. For the success of OutSystems we have to entertain these set of developers who are joining in huge numbers to this community. OutSystems in Schneider will be a success only if we have this huge vibrating community.
Our belief is the platform should be robust enough to not allow any developer to play with this feature which is allowing any end user to even login to the platform as the platform Administrator. Hence our sincere request is to see how this can be avoided at the platform level."