Access Role form
Completing the Role tab
Use the Role tab to view Access of Role to Object (Rule-Access-Role-Obj) rules for an access role and to enable privilege inheritance.
- Clone from – Specify the name of an access role from which to clone a new role.
- Inherit privileges within class hierarchy – Select this check box to simplify the process of granting operator access to a feature protected by privileges. At run time, the system searches the class hierarchy for Rule-Access-Role-Obj instances, for the current access role.
In the grid, each row represents a Rule-Access-Role-Obj instance that is associated with the role that you opened.
- In the Access Class column, click an access class to display or edit the Rule-Access-Role-Obj instance.
- In the Privileges column, the system lists the privileges associated with the Rule-Access-Role-Obj.
- For each access class, use the other columns to review the privilege settings for these operations: read instances, write instances, delete instances, read rules, write rules, delete rules, execute reports, and execute activities.
- The values in these columns represent the access permissions for each operation:
- 0 or blank – Use to prohibit access to the operation.
- 1 – Use for test systems or low-security systems.
- 5 – Use for production or high-security systems.
Each value is compared with the production level of the deployed system. When the Rule-Access-Role-Obj setting is equal to or greater than the system production level, access is permitted.
Open topic with navigation