Access of Role to Object
form
Completing the Security tab
|
|
For each of the eight categories in the array, you can enter an Access When rule name, or a numeric value between 0 and 5.
Enter 0 or leave blank to prohibit all access. Enter a value between 1
and 5 to provide access. If, at runtime, the production level of your
Process Commander system is not greater than the numeric value, then
users with the specified access role can perform the operation (on
objects of that class). If an Access When rule evaluates to
True at runtime, the users with the specified access role
can perform the operation.
For example, assume the key to this instance is Supervisor.Data-Customer, the production level of the system is 3, and the value in the Open Instances is 4. So users who possess the Supervisor role can open instances of the Data-Customer class.
If the same Access of Rule to Object rule instance is present on a system with a production level of 5, a user with the Supervisor role can not open instances of the Data-Customer class.
The first five categories are needed to operate on instances. The last three categories are usually needed only by application developers.
The production level of the system is visible on the System form.
Field |
Description |
| Access Controls | |
| Open Instances |
Optional. This determines whether holders of the access role identified as the first key part of this rule can open instances of the class identified as the Access Class key part of this rule. Enter the When Name key part of an Access When rule, or a level value between 1 and 5. B-16836 validation If you enter a name, the system uses the Access Class key part of this Access of Role to Object rule and class inheritance to find the Access When rule. |
| Modify Instances |
Optional. This determines whether holders of the access role identified as the first key part of this rule can save new or modified instances of the class identified as the second key part of this rule. Save, not modify true? Enter the When Name key part of an Access When rule, or a level value between 1 and 5. If you enter a name, the system uses the Access Class key part of this Access of Role to Object rule and class inheritance to find the Access When rule. |
| Delete Instances |
Optional. This determines whether holders of the access role identified as the first key part of this rule can delete instances of the class identified as the second key part of this rule. Enter the When Name key part of an Access When rule, or a level value between 1 and 5. If you enter a name, the system uses the Access Class key part of this Access of Role to Object rule and class inheritance to find the Access When rule. |
| Search Instances |
Optional. This determines whether holders of the access role identified as the first key part of this rule can search through instances of the class identified as the second key part of this rule, including searches performed by list view and summary view rules. KARAF 10/5/04 This option is informally known as read-only access. Enter the When Name key part of an Access When rule, or a level value between 1 and 5. If you enter a name, the system uses the Access Class key part of this Access of Role to Object rule and class inheritance to find the Access When rule. The message: You are not authorized to run this view. indicates that a user lacks the capability provided by this field. |
| Execute Activities |
Optional. This determines whether holders of the access role identified as the first key part of this rule can execute activities that belong to the class identified as the second key part of this rule. Enter the When Name key part of an Access When rule, or a level value between 1 and 5. If you enter a name, the system uses the class of the primary page at runtime to locate an Access When rule. As a best practice, create the Access When rule in the Rule- base class. B-13040 GENTJ |
| Open Rules |
Optional. This determines whether holders of the access role identified as the first key part of this rule can open rules with the class as a key part. Enter the When Name key part of an Access When rule, or a level value between 1 and 5. If you enter a name, the system uses the class of the primary page at runtime to locate an Access When rule. As a best practice, create the Access When rule in the Rule- base class. B-13040 GENTJ |
| Modify Rules |
Optional. This determines whether holders of the access role can save new or modified rules with the class as a key part. Enter the When Name key part of an Access When rule, or a level value between 1 and 5. If you enter a name, the system uses the class of the primary page at runtime to locate an Access When rule. As a best practice, create the Access When rule in the Rule- base class. B-13040 GENTJ |
| Delete Rules |
Optional. This determines whether holders of the access role can delete rules with the class as a key part. Enter the When Name key part of an Access When rule, or a level value between 1 and 5. If you enter a name, the system uses the class of the primary page at runtime to locate an Access When rule. As a best practice, create the Access When rule in the Rule- base class. B-13040 GENTJ |