Implementing advanced settings for Access Deny rules
For complex conditions, use this tab to enter conditions and a logic statement that combines them.
As a best practice, use the Conditions tab to configure and update the rule. Your configuration populates the conditions array and the Logic String field on this tab. If you add, change, or delete rows, or edit the Logic String field, you can no longer use the Conditions tab. Updating values in existing conditions or using the Options area does not disable that tab.
In each row, enter a condition and label you want to include in the Access When evaluation.
Enter a unique number or text value in the row header that serves as an
identifier for this row. These are used in the Logic String elements. Do not
as labels. You can enter
a label to mark this row as a comment; a condition that is not evaluated.
By default, the system uses A, B, C, and so on.
Use the fields to enter property references, literal constants, or calls and
functions. By default, the first condition compares two values.
Optionally, click the Down Arrow icon at the end of the row for a list of standard conditions (derived from function alias rules).
- Logic String
Enter the Boolean logic operations performed on the Conditions array that will compute
to a True or False result at runtime.
If you created the conditions on the Conditions tab, the system populates this field using the
ORoperators, and the group hierarchies defined on the condition tree.
You can use and, or, and not in the statement. You can use parentheses to control the order of evaluation.
For example, if the table contains four labels A, B, C, and D, you can enter: (A and B) or (C and not D)
When you save the rule, if the form contains only one test row, the system inserts the label for that test row here. If you have more than one row, the system defaults to requiring all rows to be true. If that's not what you want, revise the statement and save again.
Previous topic Completing the Conditions tab for Access When rules Next topic Understanding Access of Role to Object rules